This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing a security update.
Updated nodejs package fixes security vulnerability :
It was found that libuv does not call setgoups before calling
setuid/setgid. This may potentially allow an attacker to gain elevated
The libuv library is bundled with nodejs, and a fixed version of libuv
is included with nodejs as of version 0.10.37. The nodejs package has
been updated to version 0.10.38 to fix this issue, as well as several
See also :
Update the affected nodejs package.
Risk factor :
Critical / CVSS Base Score : 10.0