Executive Summary
Summary | |
---|---|
Title | New mailman packages really fix several vulnerabilities |
Information | |||
---|---|---|---|
Name | DSA-674 | First vendor Publication | 2005-02-10 |
Vendor | Debian | Last vendor Modification | 2005-02-21 |
Severity (Vendor) | N/A | Revision | 3 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Due to an incompatibility between Python 1.5 and 2.1, the last mailman update no longer ran with Python 1.5. This problem is corrected with this update. This advisory only updates the packages updated with DSA 674-2. The version in unstable is not affected since it is not supposed to work with Python 1.5 anymore.

For completeness, below is the original advisory text:

Two security-related problems have been discovered in mailman, the web-based GNU mailing list manager. The Common Vulnerabilities and Exposures project identifies the following problems:

CAN-2004-1177: Florian Weimer discovered a cross-site scripting vulnerability in mailman's automatically generated error messages. An attacker could craft a URL containing JavaScript (or other content embedded into HTML) which triggered a mailman error page that would include the malicious code verbatim.

CAN-2005-0202: Several listmasters have noticed unauthorised access to archives of private lists and the list configuration itself, including the users' passwords. Administrators are advised to check the webserver logfiles for requests that contain "/...../" and the path to the archives or configuration. This only seems to affect installations running on web servers that do not strip slashes, such as Apache 1.3.

For the stable distribution (woody) these problems have been fixed in version 2.0.11-1woody11.

We recommend that you upgrade your mailman package.
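The log check recommended for CAN-2005-0202 can be automated as in the following added example, which is not part of the Debian advisory or of Mailman. It assumes Apache common/combined log format and that Mailman is served under `/mailman/`; the sample lines are constructed, and decoding percent-encoded dots goes one step beyond the literal "/...../" string the advisory names.

```python
import re
from urllib.parse import unquote

# Assumption: Mailman's CGI scripts are served under this URL prefix.
MAILMAN_PREFIX = "/mailman/"

# Apache common/combined log format: client, request path and status code.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3})')

# A path segment consisting only of three or more dots, e.g. "/...../".
DOT_RUN = re.compile(r"(?:^|/)\.{3,}(?=/|$)")


def decode_fully(path, rounds=3):
    """Undo up to `rounds` layers of percent-encoding (e.g. %2e for '.')."""
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def suspicious_requests(lines):
    """Return (client, raw_path, status) for Mailman requests with dot-run segments."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, raw_path, status = m.group(1), m.group(2), int(m.group(3))
        path = decode_fully(raw_path.split("?", 1)[0])
        if MAILMAN_PREFIX in path and DOT_RUN.search(path):
            hits.append((client, raw_path, status))
    return hits


# Constructed sample log lines (documentation addresses, placeholder file names).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Feb/2005:10:00:01 +0000] "GET /mailman/listinfo/announce HTTP/1.1" 200 5120',
    '198.51.100.7 - - [10/Feb/2005:10:02:13 +0000] "GET /mailman/private/staff/...../...../placeholder HTTP/1.0" 200 812',
    '198.51.100.7 - - [10/Feb/2005:10:02:19 +0000] "GET /mailman/private/staff/%2e%2e%2e%2e%2e/placeholder HTTP/1.0" 403 291',
    '192.0.2.44 - - [10/Feb/2005:10:05:40 +0000] "GET /mailman/private/announce/2005-February/000123.html HTTP/1.1" 200 9001',
]

if __name__ == "__main__":
    for client, path, status in suspicious_requests(SAMPLE_LOG):
        print(f"{status} {client} {path}")
```

A hit answered with status 200 deserves the closest look, since the server returned content for that request.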
Original Source
Url : http://www.debian.org/security/2005/dsa-674 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10657 | |||
Oval ID: | oval:org.mitre.oval:def:10657 | ||
Title: | dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key. | ||
Description: | Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0202 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:11113 | |||
Oval ID: | oval:org.mitre.oval:def:11113 | ||
Title: | Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. | ||
Description: | Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1177 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for mailman File : nvt/sles9p5016406.nasl |
2009-10-10 | Name : SLES9: Security update for mailman File : nvt/sles9p5018754.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200501-29 (mailman) File : nvt/glsa_200501_29.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200502-11 (mailman) File : nvt/glsa_200502_11.nasl |
2008-09-04 | Name : FreeBSD Ports: mailman, ja-mailman File : nvt/freebsd_mailman.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 674-1 (mailman) File : nvt/deb_674_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 674-2 (mailman) File : nvt/deb_674_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 674-3 (mailman) File : nvt/deb_674_3.nasl |
2005-11-03 | Name : Mailman private.py Directory Traversal Vulnerability File : nvt/mailman_privatepy_directory_traversal.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
14941 | Mailman scripts/driver Error Message XSS |
13671 | Mailman private.py true_path Function Traversal Arbitrary File Access |
12855 | Mailman Automatic Password Generation Weakness Mailman contains a flaw that may allow a malicious user to determine a user's password. The issue is triggered when a malicious user attempts to brute force an account with the five million possible passwords. It is possible that the flaw may allow unauthorized access resulting in a loss of confidentiality. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | mailman directory traversal attempt RuleID : 3131-community - Revision : 10 - Type : SERVER-WEBAPP |
2014-01-10 | mailman directory traversal attempt RuleID : 3131 - Revision : 10 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-09-24 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-131.nasl - Type : ACT_GATHER_INFO |
2012-09-24 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-132.nasl - Type : ACT_GATHER_INFO |
2006-04-04 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-267-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-78-2.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-78-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-59-1.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-242.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c7ccc33f7d3111d9a9e70001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-05-19 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-241.nasl - Type : ACT_GATHER_INFO |
2005-03-21 | Name : The remote host is missing a Mac OS X update that fixes a security issue. File : macosx_SecUpd2005-003.nasl - Type : ACT_GATHER_INFO |
2005-03-21 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-235.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-137.nasl - Type : ACT_GATHER_INFO |
2005-02-15 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-037.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200501-29.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200502-11.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_007.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : Authenticated Mailman users can view arbitrary files on the remote host. File : mailman_privatepy_directory_traversal.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-136.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-674.nasl - Type : ACT_GATHER_INFO |
2005-01-25 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-015.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:33:52 |