MiracleLinux 4 : mailman-2.1.12-25.AXS4 (AXSA:2015-303:01)

🗓️ 16 Jan 2026 00:00:00Reported by TenableType

MiracleLinux 4 mailman fixes CVE-2002-0389 and CVE-2015-2775; DMARC DKIM alignment.

Reporter	Title	Published	Views	Family All 87
ALT Linux	Security fix for the ALT Linux 9 package mailman version 5:2.1.21-alt0.1.rc2	5 Feb 201600:00	–	altlinux
FreeBSD	mailman -- path traversal vulnerability	27 Mar 201500:00	–	freebsd
Amazon	Medium: mailman	17 Aug 201500:00	–	amazon
Tenable Nessus	Amazon Linux AMI : mailman (ALAS-2015-582)	18 Aug 201500:00	–	nessus
Tenable Nessus	CentOS 7 : mailman (CESA-2015:1153)	24 Jun 201500:00	–	nessus
Tenable Nessus	CentOS 6 : mailman (CESA-2015:1417)	28 Jul 201500:00	–	nessus
Tenable Nessus	Debian DLA-186-1 : mailman security update	7 Apr 201500:00	–	nessus
Tenable Nessus	Debian DSA-3214-1 : mailman - security update	8 Apr 201500:00	–	nessus
Tenable Nessus	Fedora 21 : mailman-2.1.20-1.fc21 (2015-5216)	4 May 201500:00	–	nessus
Tenable Nessus	Fedora 22 : mailman-2.1.20-1.fc22 (2015-5333)	22 Apr 201500:00	–	nessus

Source	Link
tsn	www.tsn.miraclelinux.com/en/node/5648
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2015-303:01.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(289971);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/16");

  script_cve_id("CVE-2002-0389", "CVE-2015-2775");

  script_name(english:"MiracleLinux 4 : mailman-2.1.12-25.AXS4 (AXSA:2015-303:01)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the
AXSA:2015-303:01 advisory.

    Mailman is software to help manage email discussion lists, much like
    Majordomo and Smartmail. Unlike most similar products, Mailman gives
    each mailing list a webpage, and allows users to subscribe,
    unsubscribe, etc. over the Web. Even the list manager can administer
    his or her list entirely from the Web. Mailman also integrates most
    things people want to do with mailing lists, including archiving, mail
    <-> news gateways, and so on.
    Security issues fixed with this release:
    CVE-2002-0389
    CVE-2015-2775
    Fixed bugs:
    * Previously, it was impossible to configure Mailman in a way that Domain-based
    Message Authentication, Reporting & Conformance (DMARC) would recognize
    Sender alignment for Domain Key Identified Mail (DKIM) signatures. Consequently,
    Mailman list subscribers that belonged to a mail server with a reject policy
    for DMARC, such as yahoo.com or AOL.com, were unable to receive Mailman
    forwarded messages from senders residing in any domain that provided DKIM
    signatures. With this update, the bug was fixed.
    * Mailman used a console encoding when generating a subject for a welcome
    email when new mailing lists were created by the newlist command.
    Consequently, when the console encoding did not match the encoding used by
    Mailman for that particular language, characters in the welcome email could be
    displayed incorrectly. With this update, the problem was fixed.
    * The rmlist command used a hardcoded path to list data based on the
    VAR_PREFIX configuration variable. As a consequence, when the list was created
    outside of VAR_PREFIX, it was impossible to remove it using the rmlist
    command. With this update, this bug was fixed.
    * Due to an incompatibility between Python and Mailman in Asianux Server 4,
    when moderators were approving a moderated message to a mailing list
    and checked the Preserve messages for the site administrator checkbox, Mailman
    failed to approve the message and returned an error. This incompatibility has
    been fixed with this update.
    * When Mailman was set to not archive a list but the archive was not set to
    private, attachments sent to that list were placed in a public archive.
    Consequently, users of Mailman web interface could list private attachments
    because httpd configuration of public archive directory allows listing all files
    in the archive directory. The httpd configuration of Mailman has been fixed in
    this update.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/5648");
  script_set_attribute(attribute:"solution", value:
"Update the affected mailman package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-2775");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2002-0389");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_severity", value:"Moderate");

  script_set_attribute(attribute:"vuln_publication_date", value:"2002/04/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/08/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:mailman");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:4");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 4.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '4',
    'pkgs': [
      {'reference':'mailman-2.1.12-25.AXS4', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'mailman-2.1.12-25.AXS4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'mailman');
}

16 Jan 2026 00:00Current

7.7High risk

Vulners AI Score7.7

CVSS 27.6

EPSS0.06687