This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Updated krb5 packages fix security vulnerability :
In MIT krb5, when kadmind is configured to use LDAP for the KDC
database, an authenticated remote attacker can cause a NULL
dereference by attempting to use a named ticket policy object as a
password policy for a principal. The attacker needs to be
authenticated as a user who has the elevated privilege for setting
password policy by adding or modifying principals (CVE-2014-5353).
See also :
Update the affected packages.
Risk factor :
Low / CVSS Base Score : 3.5
CVSS Temporal Score : 3.0
Public Exploit Available : true