Executive Summary
| Summary | |
|---|---|
| Title | mailman security and bug fix update |
| Informations | |||
|---|---|---|---|
| Name | RHSA-2007:0779 | First vendor Publication | 2007-11-15 |
| Vendor | RedHat | Last vendor Modification | 2007-11-15 |
| Severity (Vendor) | Low | Revision | 02 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:H/Au:N/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.6 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | High |
| Cvss Expoit Score | 4.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Problem Description: Updated mailman packages that fix a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mailman is a program used to help manage email discussion lists. A flaw was found in Mailman. A remote attacker could spoof messages in the error log, and possibly trick the administrator into visiting malicious URLs via a carriage return/line feed sequence in the URI. (CVE-2006-4624) As well, these updated packages fix the following bugs: * canceling a subscription on the confirm subscription request page caused mailman to crash. * editing the sender filter caused all spam filter rules to be deleted. * the migrate-fhs script was not included. * the mailman init script returned a zero (success) exit code even when an incorrect command was given. For example, the "mailman foo" command returned a zero exit code. In these updated packages the mailmain init script returns the correct exit codes. Users of Mailman are advised to upgrade to these updated packages, which resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 200036 - Canceling subscription confirmation crashes mailman 205651 - CVE-2006-4624 mailman logfile CRLF injection 223191 - Spam filters gets deleted when sender filter is edited 230939 - mailman-2.1.5.1-34.rhel4.5 is missing migrate-fhs script 242677 - Wrong init script |
Original Source
| Url : https://rhn.redhat.com/errata/RHSA-2007-0779.html |
CAPEC : Common Attack Pattern Enumeration & Classification
| Id | Name |
|---|---|
| CAPEC-15 | Command Delimiters |
| CAPEC-34 | HTTP Response Splitting |
| CAPEC-81 | Web Logs Tampering |
| CAPEC-93 | Log Injection-Tampering-Forging |
| CAPEC-106 | Cross Site Scripting through Log Files |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:9756 | |||
| Oval ID: | oval:org.mitre.oval:def:9756 | ||
| Title: | CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI. | ||
| Description: | CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2006-4624 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-04 | Name : FreeBSD Ports: mailman, ja-mailman, mailman-with-htdig File : nvt/freebsd_mailman7.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 1188-1 (mailman) File : nvt/deb_1188_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 28436 | Mailman Utils.py Spoofed Log Entry Injection |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-06-29 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-0779.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20071115_mailman_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2007-11-16 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-0779.nasl - Type : ACT_GATHER_INFO |
| 2006-12-16 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2006-165.nasl - Type : ACT_GATHER_INFO |
| 2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1188.nasl - Type : ACT_GATHER_INFO |
| 2006-09-05 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_fffa92573c1711db86ab00123ffe8333.nasl - Type : ACT_GATHER_INFO |
| 2006-09-05 | Name : The remote web server contains a Python application that is affected by a log... File : mailman_log_spoof.nasl - Type : ACT_ATTACK |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:50:57 |
|
