Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDFFFA9257-3C17-11DB-86AB-00123FFE8333
HistoryJun 09, 2006 - 12:00 a.m.

mailman -- Multiple Vulnerabilities

2006-06-0900:00:00
vuxml.freebsd.org
12

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.321 Low

EPSS

Percentile

97.0%

JSON

Secunia reports:

Mailman can be exploited by malicious people to conduct cross-site
scripting and phishing attacks, and cause a DoS (Denial of
Service).

  1. An error in the logging functionality can be exploited to
    inject a spoofed log message into the error log via a specially
    crafted URL.
    Successful exploitation may trick an administrator into visiting
    a malicious web site.
  2. An error in the processing of malformed headers which does not
    follow the RFC 2231 standard can be exploited to cause a DoS
    (Denial of Service).
  3. Some unspecified input isn’t properly sanitised before being
    returned to the user. This can be exploited to execute arbitrary
    HTML and script code in a user’s browser session in context of an
    affected site.
OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchmailman< 2.1.9.r1UNKNOWN
FreeBSDanynoarchja-mailman< 2.1.9.r1UNKNOWN
FreeBSDanynoarchmailman-with-htdig< 2.1.9.r1UNKNOWN

Related

nessus 15
openvas 11
securityvulns 2
osv 1
ubuntu 1
debian 1
oraclelinux 2
gentoo 1
redhat 2
centos 1
debiancve 5
ubuntucve 4
veracode 3
cve 5
prion 3
packetstorm 1
nessus
nessus
FreeBSD : mailman -- Multiple Vulnerabilities (fffa9257-3c17-11db-86ab-00123ffe8333)
2006-09-05 00:00:00
Mandrake Linux Security Advisory : mailman (MDKSA-2006:165)
2006-12-16 00:00:00
openSUSE 10 Security Update : mailman (mailman-2170)
2007-10-17 00:00:00
openvas
openvas
FreeBSD Ports: mailman, ja-mailman, mailman-with-htdig
2008-09-04 00:00:00
FreeBSD Ports: mailman, ja-mailman, mailman-with-htdig
2008-09-04 00:00:00
SLES9: Security update for mailman
2009-10-10 00:00:00
securityvulns
securityvulns
[Full-disclosure] [USN-347-1] Linux kernel vulnerabilities
2006-09-19 00:00:00
Mailman 2.1.8 Multiple Security Issues
2006-09-14 00:00:00
osv
osv
mailman
2006-10-04 00:00:00
ubuntu
ubuntu
mailman vulnerabilities
2006-09-13 00:00:00
debian
debian
[SECURITY] [DSA 1188-1] New mailman packages fix several problems
2006-10-04 07:23:33
oraclelinux
oraclelinux
Moderate mailman security update
2006-11-30 00:00:00
mailman security and bug fix update
2007-11-27 00:00:00
gentoo
gentoo
Mailman: Multiple vulnerabilities
2006-09-19 00:00:00
redhat
redhat
(RHSA-2006:0600) mailman security update
2006-09-06 00:00:00
(RHSA-2007:0779) Low: mailman security and bug fix update
2007-11-15 00:00:00
centos
centos
mailman security update
2006-09-08 09:56:52
debiancve
debiancve
CVE-2006-4624
2006-09-07 19:04:00
CVE-2006-2941
2006-09-06 00:04:00
CVE-2006-2191
2006-09-19 21:07:00
ubuntucve
ubuntucve
CVE-2006-4624
2006-09-07 00:00:00
CVE-2006-2941
2006-09-06 00:00:00
CVE-2006-3636
2006-09-06 00:00:00
veracode
veracode
Phishing Attacks
2020-04-10 00:20:14
Denial Of Service (DoS)
2020-04-10 00:13:19
Cross-Site Scripting (XSS)
2020-04-10 00:13:19
cve
cve
CVE-2006-4624
2006-09-07 19:04:00
CVE-2006-2191
2006-09-19 21:07:00
CVE-2006-2941
2006-09-06 00:04:00
prion
prion
Format string
2006-09-19 21:07:00
Design/Logic Flaw
2006-09-06 00:04:00
Cross site scripting
2008-02-05 02:00:00
packetstorm
packetstorm
0013.txt
2006-09-14 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.321 Low

EPSS

Percentile

97.0%

JSON
Related for FFFA9257-3C17-11DB-86AB-00123FFE8333
nessus15openvas11securityvulns2osv1ubuntu1debian1oraclelinux2gentoo1redhat2centos1debiancve5ubuntucve4veracode3cve5prion3packetstorm1