This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing a security update.
Updated nodejs package fixes security vulnerabilities :
A memory corruption vulnerability, which results in a
denial-of-service, was identified in the versions of V8 that ship with
Node.js 0.8 and 0.10. In certain circumstances, a particularly deep
recursive workload that may trigger a GC and receive an interrupt may
overflow the stack and result in a segmentation fault. For instance,
if your work load involves successive JSON.parse calls and the parsed
objects are significantly deep, you may experience the process
aborting while parsing (CVE-2014-5256).
Multiple unspecified vulnerabilities in Google V8 before 188.8.131.52,
as used in Node.js before 0.10.31, allow attackers to cause a denial
of service or possibly have other impact via unknown vectors
The nodejs package has been updated to version 0.10.33 to fix these
issues as well as several other bugs.
See also :
Update the affected nodejs package.
Risk factor :
High / CVSS Base Score : 7.5