This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing a security update.
Updated srtp package fixes security vulnerability :
Fernando Russ from Groundworks Technologies reported a buffer overflow
flaw in srtp, Cisco's reference implementation of the Secure Real-time
Transport Protocol (SRTP), in how the
crypto_policy_set_from_profile_for_rtp() function applies
cryptographic profiles to an srtp_policy. A remote attacker could
exploit this vulnerability to crash an application linked against
libsrtp, resulting in a denial of service (CVE-2013-2139).
See also :
Update the affected srtp package.
Risk factor :
Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.3
Public Exploit Available : false