This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing a security update.
Updated wpa_supplicant packages fix security vulnerability :
A vulnerability was found in the mechanism wpa_cli and hostapd_cli use
for executing action scripts. An unsanitized string received from a
remote device can be passed to a system() call resulting in arbitrary
command execution under the privileges of the wpa_cli/hostapd_cli
process (which may be root in common use cases) (CVE-2014-3686).
Using the wpa_supplicant package, systems are exposed to the
vulnerability if operating as a WPS registrar.
See also :
Update the affected wpa_supplicant package.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : true