ID OPENSUSE-2018-861.NASL Type nessus Reporter Tenable Modified 2018-09-12T00:00:00
Description
This update for mailman fixes the following issues :
Security issue fixed :
CVE-2018-13796: Fix a content spoofing vulnerability with invalid list name messages inside the web UI (boo#1101288).
Bug fixes :
update to 2.1.29 :
Fixed the listinfo and admin overview pages that were broken
update to 2.1.28 :
It is now possible to edit HTML and text templates via the web admin UI in a supported language other than the list's preferred_language.
The Japanese translation has been updated
The German translation has been updated
The Esperanto translation has been updated
The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in 2.1.27 was not working. This is fixed.
Escaping of HTML entities for the web UI is now done more selectively.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2018-861.
#
# The text description of this plugin is (C) SUSE LLC.
#
include("compat.inc");
if (description)
{
script_id(111669);
script_version("1.2");
script_cvs_date("Date: 2018/09/12 15:00:26");
script_cve_id("CVE-2018-13796");
script_name(english:"openSUSE Security Update : mailman (openSUSE-2018-861)");
script_summary(english:"Check for the openSUSE-2018-861 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"This update for mailman fixes the following issues :
Security issue fixed :
- CVE-2018-13796: Fix a content spoofing vulnerability
with invalid list name messages inside the web UI
(boo#1101288).
Bug fixes :
- update to 2.1.29 :
- Fixed the listinfo and admin overview pages that were
broken
- update to 2.1.28 :
- It is now possible to edit HTML and text templates via
the web admin UI in a supported language other than the
list's preferred_language.
- The Japanese translation has been updated
- The German translation has been updated
- The Esperanto translation has been updated
- The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in
2.1.27 was not working. This is fixed.
- Escaping of HTML entities for the web UI is now done
more selectively."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1101288"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected mailman packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mailman");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mailman-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mailman-debugsource");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");
script_set_attribute(attribute:"patch_publication_date", value:"2018/08/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/14");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.0|SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0 / 42.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE15.0", reference:"mailman-2.1.29-lp150.2.8.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mailman-debuginfo-2.1.29-lp150.2.8.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mailman-debugsource-2.1.29-lp150.2.8.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mailman-2.1.29-2.11.2") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mailman-debuginfo-2.1.29-2.11.2") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mailman-debugsource-2.1.29-2.11.2") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mailman / mailman-debuginfo / mailman-debugsource");
}
{"id": "OPENSUSE-2018-861.NASL", "bulletinFamily": "scanner", "title": "openSUSE Security Update : mailman (openSUSE-2018-861)", "description": "This update for mailman fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-13796: Fix a content spoofing vulnerability with invalid list name messages inside the web UI (boo#1101288).\n\nBug fixes :\n\n - update to 2.1.29 :\n\n - Fixed the listinfo and admin overview pages that were broken \n\n - update to 2.1.28 :\n\n - It is now possible to edit HTML and text templates via the web admin UI in a supported language other than the list's preferred_language.\n\n - The Japanese translation has been updated\n\n - The German translation has been updated\n\n - The Esperanto translation has been updated\n\n - The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in 2.1.27 was not working. This is fixed.\n\n - Escaping of HTML entities for the web UI is now done more selectively.", "published": "2018-08-14T00:00:00", "modified": "2018-09-12T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=111669", "reporter": "Tenable", "references": ["https://bugzilla.opensuse.org/show_bug.cgi?id=1101288"], "cvelist": ["CVE-2018-13796"], "type": "nessus", "lastseen": "2019-02-21T01:41:33", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:novell:opensuse:mailman-debugsource", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:mailman-debuginfo", "p-cpe:/a:novell:opensuse:mailman", "cpe:/o:novell:opensuse:42.3"], "cvelist": ["CVE-2018-13796"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "This update for mailman fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-13796: Fix a content spoofing vulnerability with invalid list name messages inside the web UI (boo#1101288).\n\nBug fixes :\n\n - update to 2.1.29 :\n\n - Fixed the listinfo and admin overview pages that were broken \n\n - update to 2.1.28 :\n\n - It is now possible to edit HTML and text templates via the web admin UI in a supported language other than the list's preferred_language.\n\n - The Japanese translation has been updated\n\n - The German translation has been updated\n\n - The Esperanto translation has been updated\n\n - The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in 2.1.27 was not working. This is fixed.\n\n - Escaping of HTML entities for the web UI is now done more selectively.", "edition": 1, "enchantments": {"score": {"modified": "2018-08-15T15:17:45", "value": 5.0, "vector": "NONE"}}, "hash": "f842dbde13d64be5bb8e568038add7cd73e666c45cd673031f41142dfd075a2a", "hashmap": [{"hash": "247e3e74151deb051bb07e106e21073b", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "14a65a38438535de08f4c8093c601154", "key": "href"}, {"hash": "247e3e74151deb051bb07e106e21073b", "key": "published"}, {"hash": "30a7a38045c999eb54804414613a6346", "key": "title"}, {"hash": "79097f53972389db5f1f5fd3683a4aad", "key": "pluginID"}, {"hash": "3056b56d9ea5dd7bcabc408514ebdd87", "key": "sourceData"}, {"hash": "50fa2a5fa02e850371a505f3775486dc", "key": "cpe"}, {"hash": "902c8a42794e07cd27f04c8f17cb180e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "29f0350207106c8b7a380d63d2762b22", "key": "references"}, {"hash": "0618398caeca24f3d6a4858750868b9a", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=111669", "id": "OPENSUSE-2018-861.NASL", "lastseen": "2018-08-15T15:17:45", "modified": "2018-08-14T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "111669", "published": "2018-08-14T00:00:00", "references": ["https://bugzilla.opensuse.org/show_bug.cgi?id=1101288"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-861.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111669);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/08/14 12:09:43\");\n\n script_cve_id(\"CVE-2018-13796\");\n\n script_name(english:\"openSUSE Security Update : mailman (openSUSE-2018-861)\");\n script_summary(english:\"Check for the openSUSE-2018-861 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for mailman fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-13796: Fix a content spoofing vulnerability\n with invalid list name messages inside the web UI\n (boo#1101288).\n\nBug fixes :\n\n - update to 2.1.29 :\n\n - Fixed the listinfo and admin overview pages that were\n broken \n\n - update to 2.1.28 :\n\n - It is now possible to edit HTML and text templates via\n the web admin UI in a supported language other than the\n list's preferred_language.\n\n - The Japanese translation has been updated\n\n - The German translation has been updated\n\n - The Esperanto translation has been updated\n\n - The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in\n 2.1.27 was not working. This is fixed.\n\n - Escaping of HTML entities for the web UI is now done\n more selectively.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101288\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mailman packages.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"Medium\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-debuginfo-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-debugsource-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-2.1.29-2.11.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-debuginfo-2.1.29-2.11.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-debugsource-2.1.29-2.11.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mailman / mailman-debuginfo / mailman-debugsource\");\n}\n", "title": "openSUSE Security Update : mailman (openSUSE-2018-861)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2018-08-15T15:17:45"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:novell:opensuse:mailman-debugsource", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:mailman-debuginfo", "p-cpe:/a:novell:opensuse:mailman", "cpe:/o:novell:opensuse:42.3"], "cvelist": ["CVE-2018-13796"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "This update for mailman fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-13796: Fix a content spoofing vulnerability with invalid list name messages inside the web UI (boo#1101288).\n\nBug fixes :\n\n - update to 2.1.29 :\n\n - Fixed the listinfo and admin overview pages that were broken \n\n - update to 2.1.28 :\n\n - It is now possible to edit HTML and text templates via the web admin UI in a supported language other than the list's preferred_language.\n\n - The Japanese translation has been updated\n\n - The German translation has been updated\n\n - The Esperanto translation has been updated\n\n - The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in 2.1.27 was not working. This is fixed.\n\n - Escaping of HTML entities for the web UI is now done more selectively.", "edition": 3, "enchantments": {"score": {"modified": "2018-09-14T11:59:27", "value": 5.0, "vector": "NONE"}}, "hash": "f5e3c20841f047a5e1445484564b6d9655a8bb4d89bab9e032c6011b2736ee8a", "hashmap": [{"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "14a65a38438535de08f4c8093c601154", "key": "href"}, {"hash": "247e3e74151deb051bb07e106e21073b", "key": "published"}, {"hash": "30a7a38045c999eb54804414613a6346", "key": "title"}, {"hash": "79097f53972389db5f1f5fd3683a4aad", "key": "pluginID"}, {"hash": "f88d50f5167050f5b3367c6d99617b00", "key": "modified"}, {"hash": "50fa2a5fa02e850371a505f3775486dc", "key": "cpe"}, {"hash": "902c8a42794e07cd27f04c8f17cb180e", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "29f0350207106c8b7a380d63d2762b22", "key": "references"}, {"hash": "0618398caeca24f3d6a4858750868b9a", "key": "description"}, {"hash": "65da6474648e2968e0ca362d50daa4ef", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=111669", "id": "OPENSUSE-2018-861.NASL", "lastseen": "2018-09-14T11:59:27", "modified": "2018-09-12T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "111669", "published": "2018-08-14T00:00:00", "references": ["https://bugzilla.opensuse.org/show_bug.cgi?id=1101288"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-861.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111669);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/09/12 15:00:26\");\n\n script_cve_id(\"CVE-2018-13796\");\n\n script_name(english:\"openSUSE Security Update : mailman (openSUSE-2018-861)\");\n script_summary(english:\"Check for the openSUSE-2018-861 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for mailman fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-13796: Fix a content spoofing vulnerability\n with invalid list name messages inside the web UI\n (boo#1101288).\n\nBug fixes :\n\n - update to 2.1.29 :\n\n - Fixed the listinfo and admin overview pages that were\n broken \n\n - update to 2.1.28 :\n\n - It is now possible to edit HTML and text templates via\n the web admin UI in a supported language other than the\n list's preferred_language.\n\n - The Japanese translation has been updated\n\n - The German translation has been updated\n\n - The Esperanto translation has been updated\n\n - The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in\n 2.1.27 was not working. This is fixed.\n\n - Escaping of HTML entities for the web UI is now done\n more selectively.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101288\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mailman packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-debuginfo-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-debugsource-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-2.1.29-2.11.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-debuginfo-2.1.29-2.11.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-debugsource-2.1.29-2.11.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mailman / mailman-debuginfo / mailman-debugsource\");\n}\n", "title": "openSUSE Security Update : mailman (openSUSE-2018-861)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 3, "lastseen": "2018-09-14T11:59:27"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:novell:opensuse:mailman-debugsource", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:mailman-debuginfo", "p-cpe:/a:novell:opensuse:mailman", "cpe:/o:novell:opensuse:42.3"], "cvelist": ["CVE-2018-13796"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "This update for mailman fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-13796: Fix a content spoofing vulnerability\n with invalid list name messages inside the web UI\n (boo#1101288).\n\nBug fixes :\n\n - update to 2.1.29 :\n\n - Fixed the listinfo and admin overview pages that were\n broken \n\n - update to 2.1.28 :\n\n - It is now possible to edit HTML and text templates via\n the web admin UI in a supported language other than the\n list's preferred_language.\n\n - The Japanese translation has been updated\n\n - The German translation has been updated\n\n - The Esperanto translation has been updated\n\n - The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in\n 2.1.27 was not working. This is fixed.\n\n - Escaping of HTML entities for the web UI is now done\n more selectively.", "edition": 4, "enchantments": {"dependencies": {"modified": "2019-01-16T20:36:55", "references": [{"idList": ["SUSE_SU-2019-13924-1.NASL", "FEDORA_2018-E071E178F8.NASL", "SUSE_SU-2018-4296-1.NASL", "FREEBSD_PKG_B4F0AD3694A511E89007080027AC955C.NASL"], "type": "nessus"}, {"idList": ["B4F0AD36-94A5-11E8-9007-080027AC955C"], "type": "freebsd"}, {"idList": ["OPENSUSE-SU-2018:2309-1"], "type": "suse"}, {"idList": ["CVE-2018-13796"], "type": "cve"}, {"idList": ["DEBIAN:DLA-1442-2:65A4F", "DEBIAN:DLA-1442-1:47545"], "type": "debian"}, {"idList": ["OPENVAS:1361412562310851851", "OPENVAS:1361412562310874902", "OPENVAS:1361412562310891442"], "type": "openvas"}]}, "score": {"modified": "2019-01-16T20:36:55", "value": 5.0, "vector": "NONE"}}, "hash": "fcd9ba16bf0098ee17409a4e1bae9dbe590e27a0f3516a98fefd056a37669a5d", "hashmap": [{"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "14a65a38438535de08f4c8093c601154", "key": "href"}, {"hash": "2b86b9ddea3ed9b92b3513efdf48c7df", "key": "description"}, {"hash": "247e3e74151deb051bb07e106e21073b", "key": "published"}, {"hash": "30a7a38045c999eb54804414613a6346", "key": "title"}, {"hash": "79097f53972389db5f1f5fd3683a4aad", "key": "pluginID"}, {"hash": "f88d50f5167050f5b3367c6d99617b00", "key": "modified"}, {"hash": "50fa2a5fa02e850371a505f3775486dc", "key": "cpe"}, {"hash": "902c8a42794e07cd27f04c8f17cb180e", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "29f0350207106c8b7a380d63d2762b22", "key": "references"}, {"hash": "65da6474648e2968e0ca362d50daa4ef", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=111669", "id": "OPENSUSE-2018-861.NASL", "lastseen": "2019-01-16T20:36:55", "modified": "2018-09-12T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "111669", "published": "2018-08-14T00:00:00", "references": ["https://bugzilla.opensuse.org/show_bug.cgi?id=1101288"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-861.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111669);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/09/12 15:00:26\");\n\n script_cve_id(\"CVE-2018-13796\");\n\n script_name(english:\"openSUSE Security Update : mailman (openSUSE-2018-861)\");\n script_summary(english:\"Check for the openSUSE-2018-861 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for mailman fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-13796: Fix a content spoofing vulnerability\n with invalid list name messages inside the web UI\n (boo#1101288).\n\nBug fixes :\n\n - update to 2.1.29 :\n\n - Fixed the listinfo and admin overview pages that were\n broken \n\n - update to 2.1.28 :\n\n - It is now possible to edit HTML and text templates via\n the web admin UI in a supported language other than the\n list's preferred_language.\n\n - The Japanese translation has been updated\n\n - The German translation has been updated\n\n - The Esperanto translation has been updated\n\n - The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in\n 2.1.27 was not working. This is fixed.\n\n - Escaping of HTML entities for the web UI is now done\n more selectively.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101288\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mailman packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-debuginfo-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-debugsource-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-2.1.29-2.11.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-debuginfo-2.1.29-2.11.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-debugsource-2.1.29-2.11.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mailman / mailman-debuginfo / mailman-debugsource\");\n}\n", "title": "openSUSE Security Update : mailman (openSUSE-2018-861)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 4, "lastseen": "2019-01-16T20:36:55"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:novell:opensuse:mailman-debugsource", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:mailman-debuginfo", "p-cpe:/a:novell:opensuse:mailman", "cpe:/o:novell:opensuse:42.3"], "cvelist": ["CVE-2018-13796"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "This update for mailman fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-13796: Fix a content spoofing vulnerability with invalid list name messages inside the web UI (boo#1101288).\n\nBug fixes :\n\n - update to 2.1.29 :\n\n - Fixed the listinfo and admin overview pages that were broken \n\n - update to 2.1.28 :\n\n - It is now possible to edit HTML and text templates via the web admin UI in a supported language other than the list's preferred_language.\n\n - The Japanese translation has been updated\n\n - The German translation has been updated\n\n - The Esperanto translation has been updated\n\n - The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in 2.1.27 was not working. This is fixed.\n\n - Escaping of HTML entities for the web UI is now done more selectively.", "edition": 2, "enchantments": {"score": {"modified": "2018-09-12T09:59:28", "value": 5.0, "vector": "NONE"}}, "hash": "2ec5a5d9285aaa94a893f735d0695c122e4907e712d6ace032885d428e5f6cae", "hashmap": [{"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "247e3e74151deb051bb07e106e21073b", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "14a65a38438535de08f4c8093c601154", "key": "href"}, {"hash": "247e3e74151deb051bb07e106e21073b", "key": "published"}, {"hash": "30a7a38045c999eb54804414613a6346", "key": "title"}, {"hash": "79097f53972389db5f1f5fd3683a4aad", "key": "pluginID"}, {"hash": "3056b56d9ea5dd7bcabc408514ebdd87", "key": "sourceData"}, {"hash": "50fa2a5fa02e850371a505f3775486dc", "key": "cpe"}, {"hash": "902c8a42794e07cd27f04c8f17cb180e", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "29f0350207106c8b7a380d63d2762b22", "key": "references"}, {"hash": "0618398caeca24f3d6a4858750868b9a", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=111669", "id": "OPENSUSE-2018-861.NASL", "lastseen": "2018-09-12T09:59:28", "modified": "2018-08-14T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "111669", "published": "2018-08-14T00:00:00", "references": ["https://bugzilla.opensuse.org/show_bug.cgi?id=1101288"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-861.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111669);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/08/14 12:09:43\");\n\n script_cve_id(\"CVE-2018-13796\");\n\n script_name(english:\"openSUSE Security Update : mailman (openSUSE-2018-861)\");\n script_summary(english:\"Check for the openSUSE-2018-861 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for mailman fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-13796: Fix a content spoofing vulnerability\n with invalid list name messages inside the web UI\n (boo#1101288).\n\nBug fixes :\n\n - update to 2.1.29 :\n\n - Fixed the listinfo and admin overview pages that were\n broken \n\n - update to 2.1.28 :\n\n - It is now possible to edit HTML and text templates via\n the web admin UI in a supported language other than the\n list's preferred_language.\n\n - The Japanese translation has been updated\n\n - The German translation has been updated\n\n - The Esperanto translation has been updated\n\n - The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in\n 2.1.27 was not working. This is fixed.\n\n - Escaping of HTML entities for the web UI is now done\n more selectively.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101288\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mailman packages.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"Medium\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-debuginfo-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-debugsource-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-2.1.29-2.11.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-debuginfo-2.1.29-2.11.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-debugsource-2.1.29-2.11.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mailman / mailman-debuginfo / mailman-debugsource\");\n}\n", "title": "openSUSE Security Update : mailman (openSUSE-2018-861)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2018-09-12T09:59:28"}], "edition": 5, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "50fa2a5fa02e850371a505f3775486dc"}, {"key": "cvelist", "hash": "902c8a42794e07cd27f04c8f17cb180e"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "description", "hash": "0618398caeca24f3d6a4858750868b9a"}, {"key": "href", "hash": "14a65a38438535de08f4c8093c601154"}, {"key": "modified", "hash": "f88d50f5167050f5b3367c6d99617b00"}, {"key": "naslFamily", "hash": "71a40666da62ba38d22539c8277870c7"}, {"key": "pluginID", "hash": "79097f53972389db5f1f5fd3683a4aad"}, {"key": "published", "hash": "247e3e74151deb051bb07e106e21073b"}, {"key": "references", "hash": "29f0350207106c8b7a380d63d2762b22"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "65da6474648e2968e0ca362d50daa4ef"}, {"key": "title", "hash": "30a7a38045c999eb54804414613a6346"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "f5e3c20841f047a5e1445484564b6d9655a8bb4d89bab9e032c6011b2736ee8a", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-13796"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_B4F0AD3694A511E89007080027AC955C.NASL", "FEDORA_2018-E071E178F8.NASL", "SUSE_SU-2019-13924-1.NASL", "SUSE_SU-2018-4296-1.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1442-2:65A4F", "DEBIAN:DLA-1442-1:47545"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310874902", "OPENVAS:1361412562310851851", "OPENVAS:1361412562310891442"]}, {"type": "freebsd", "idList": ["B4F0AD36-94A5-11E8-9007-080027AC955C"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:2309-1"]}, {"type": "gentoo", "idList": ["GLSA-201904-10"]}], "modified": "2019-02-21T01:41:33"}, "score": {"value": 5.9, "vector": "NONE", "modified": "2019-02-21T01:41:33"}, "vulnersScore": 5.9}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-861.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111669);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/09/12 15:00:26\");\n\n script_cve_id(\"CVE-2018-13796\");\n\n script_name(english:\"openSUSE Security Update : mailman (openSUSE-2018-861)\");\n script_summary(english:\"Check for the openSUSE-2018-861 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for mailman fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2018-13796: Fix a content spoofing vulnerability\n with invalid list name messages inside the web UI\n (boo#1101288).\n\nBug fixes :\n\n - update to 2.1.29 :\n\n - Fixed the listinfo and admin overview pages that were\n broken \n\n - update to 2.1.28 :\n\n - It is now possible to edit HTML and text templates via\n the web admin UI in a supported language other than the\n list's preferred_language.\n\n - The Japanese translation has been updated\n\n - The German translation has been updated\n\n - The Esperanto translation has been updated\n\n - The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in\n 2.1.27 was not working. This is fixed.\n\n - Escaping of HTML entities for the web UI is now done\n more selectively.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101288\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mailman packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mailman-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-debuginfo-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"mailman-debugsource-2.1.29-lp150.2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-2.1.29-2.11.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-debuginfo-2.1.29-2.11.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mailman-debugsource-2.1.29-2.11.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mailman / mailman-debuginfo / mailman-debugsource\");\n}\n", "naslFamily": "SuSE Local Security Checks", "pluginID": "111669", "cpe": ["p-cpe:/a:novell:opensuse:mailman-debugsource", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:mailman-debuginfo", "p-cpe:/a:novell:opensuse:mailman", "cpe:/o:novell:opensuse:42.3"], "scheme": null}
{"cve": [{"lastseen": "2019-04-16T11:19:36", "bulletinFamily": "NVD", "description": "An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.", "modified": "2019-04-15T08:23:42", "published": "2018-07-12T14:29:00", "id": "CVE-2018-13796", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-13796", "title": "CVE-2018-13796", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2019-02-21T01:45:19", "bulletinFamily": "scanner", "description": "New version 2.1.29. Security fix for CVE-2018-13796\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2019-01-03T00:00:00", "id": "FEDORA_2018-E071E178F8.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=120857", "published": "2019-01-03T00:00:00", "title": "Fedora 28 : 3:mailman (2018-e071e178f8)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-e071e178f8.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120857);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2019/01/03 10:25:36\");\n\n script_cve_id(\"CVE-2018-13796\");\n script_xref(name:\"FEDORA\", value:\"2018-e071e178f8\");\n\n script_name(english:\"Fedora 28 : 3:mailman (2018-e071e178f8)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New version 2.1.29. Security fix for CVE-2018-13796\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-e071e178f8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 3:mailman package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:3:mailman\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"mailman-2.1.29-1.fc28\", epoch:\"3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"3:mailman\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-02-21T01:41:27", "bulletinFamily": "scanner", "description": "Mark Sapiro reports :\n\nA URL with a very long text listname such as http://www.example.com/mailman/listinfo/This_is_a_long_string_with_som e_phishing_text will echo the text in the 'No such list' error response. This can be used to make a potential victim think the phishing text comes from a trusted site.\n\nThis issue was discovered by Hammad Qureshi.", "modified": "2018-11-10T00:00:00", "id": "FREEBSD_PKG_B4F0AD3694A511E89007080027AC955C.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=111478", "published": "2018-08-02T00:00:00", "title": "FreeBSD : mailman -- content spoofing with invalid list names in web UI (b4f0ad36-94a5-11e8-9007-080027ac955c)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111478);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:47\");\n\n script_cve_id(\"CVE-2018-13796\");\n\n script_name(english:\"FreeBSD : mailman -- content spoofing with invalid list names in web UI (b4f0ad36-94a5-11e8-9007-080027ac955c)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mark Sapiro reports :\n\nA URL with a very long text listname such as\nhttp://www.example.com/mailman/listinfo/This_is_a_long_string_with_som\ne_phishing_text will echo the text in the 'No such list' error\nresponse. This can be used to make a potential victim think the\nphishing text comes from a trusted site.\n\nThis issue was discovered by Hammad Qureshi.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.launchpad.net/mailman/+bug/1780874\"\n );\n # https://mail.python.org/pipermail/mailman-announce/2018-July/000241.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f8e5cd16\"\n );\n # https://vuxml.freebsd.org/freebsd/b4f0ad36-94a5-11e8-9007-080027ac955c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e41e2c77\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ja-mailman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mailman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mailman-with-htdig\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mailman<2.1.28\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mailman-with-htdig<2.1.28\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ja-mailman<2.1.14.j7_6,1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-02-21T01:44:52", "bulletinFamily": "scanner", "description": "This update for mailman fixes the following security vulnerabilities :\n\nFixed a XSS vulnerability and information leak in user options CGI, which could be used to execute arbitrary scripts in the user's browser via specially encoded URLs (bsc#1077358 CVE-2018-5950)\n\nFixed a directory traversal vulnerability in MTA transports when using the recommended Mailman Transport for Exim (bsc#925502 CVE-2015-2775)\n\nFixed a XSS vulnerability, which allowed malicious listowners to inject scripts into the listinfo pages (bsc#1099510 CVE-2018-0618)\n\nFixed arbitrary text injection vulnerability in several mailman CGIs (CVE-2018-13796 bsc#1101288)\n\nFixed a CSRF vulnerability on the user options page (CVE-2016-6893 bsc#995352)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2019-02-06T00:00:00", "id": "SUSE_SU-2018-4296-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=119955", "published": "2018-12-31T00:00:00", "title": "SUSE SLES12 Security Update : mailman (SUSE-SU-2018:4296-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:4296-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119955);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/02/06 11:41:39\");\n\n script_cve_id(\"CVE-2015-2775\", \"CVE-2016-6893\", \"CVE-2018-0618\", \"CVE-2018-13796\", \"CVE-2018-5950\");\n script_bugtraq_id(73922);\n\n script_name(english:\"SUSE SLES12 Security Update : mailman (SUSE-SU-2018:4296-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for mailman fixes the following security vulnerabilities :\n\nFixed a XSS vulnerability and information leak in user options CGI,\nwhich could be used to execute arbitrary scripts in the user's browser\nvia specially encoded URLs (bsc#1077358 CVE-2018-5950)\n\nFixed a directory traversal vulnerability in MTA transports when using\nthe recommended Mailman Transport for Exim (bsc#925502 CVE-2015-2775)\n\nFixed a XSS vulnerability, which allowed malicious listowners to\ninject scripts into the listinfo pages (bsc#1099510 CVE-2018-0618)\n\nFixed arbitrary text injection vulnerability in several mailman CGIs\n(CVE-2018-13796 bsc#1101288)\n\nFixed a CSRF vulnerability on the user options page (CVE-2016-6893\nbsc#995352)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1077358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1099510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=925502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=995352\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2775/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6893/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0618/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-13796/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5950/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20184296-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8457595a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2018-3062=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-3062=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2018-3062=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2018-3062=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-3062=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-3062=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2018-3062=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2018-3062=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-3062=1\n\nSUSE Enterprise Storage 4:zypper in -t patch\nSUSE-Storage-4-2018-3062=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mailman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mailman-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mailman-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0|1|2|3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0/1/2/3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mailman-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mailman-debuginfo-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mailman-debugsource-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mailman-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mailman-debuginfo-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mailman-debugsource-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mailman-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mailman-debuginfo-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mailman-debugsource-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"mailman-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"mailman-debuginfo-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"mailman-debugsource-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"mailman-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"mailman-debuginfo-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"mailman-debugsource-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"mailman-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"mailman-debuginfo-2.1.17-3.3.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"mailman-debugsource-2.1.17-3.3.3\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n set_kb_item(name:'www/0/XSRF', value:TRUE);\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mailman\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:45:26", "bulletinFamily": "scanner", "description": "This update for mailman fixes the following issues :\n\nFixed a XSS vulnerability and information leak in user options CGI, which could be used to execute arbitrary scripts in the user's browser via specially encoded URLs (bsc#1077358 CVE-2018-5950)\n\nFixed a directory traversal vulnerability in MTA transports when using the recommended Mailman Transport for Exim (bsc#925502 CVE-2015-2775)\n\nFixed a XSS vulnerability, which allowed malicious listowners to inject scripts into the listinfo pages (bsc#1099510 CVE-2018-0618)\n\nFixed arbitrary text injection vulnerability in several mailman CGIs (CVE-2018-13796 bsc#1101288)\n\nFixed a CSRF vulnerability on the user options page (CVE-2016-6893 bsc#995352)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2019-02-06T00:00:00", "id": "SUSE_SU-2019-13924-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=121005", "published": "2019-01-08T00:00:00", "title": "SUSE SLES11 Security Update : mailman (SUSE-SU-2019:13924-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:13924-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121005);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/02/06 11:41:39\");\n\n script_cve_id(\"CVE-2015-2775\", \"CVE-2016-6893\", \"CVE-2018-0618\", \"CVE-2018-13796\", \"CVE-2018-5950\");\n script_bugtraq_id(73922);\n\n script_name(english:\"SUSE SLES11 Security Update : mailman (SUSE-SU-2019:13924-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for mailman fixes the following issues :\n\nFixed a XSS vulnerability and information leak in user options CGI,\nwhich could be used to execute arbitrary scripts in the user's browser\nvia specially encoded URLs (bsc#1077358 CVE-2018-5950)\n\nFixed a directory traversal vulnerability in MTA transports when using\nthe recommended Mailman Transport for Exim (bsc#925502 CVE-2015-2775)\n\nFixed a XSS vulnerability, which allowed malicious listowners to\ninject scripts into the listinfo pages (bsc#1099510 CVE-2018-0618)\n\nFixed arbitrary text injection vulnerability in several mailman CGIs\n(CVE-2018-13796 bsc#1101288)\n\nFixed a CSRF vulnerability on the user options page (CVE-2016-6893\nbsc#995352)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1077358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1099510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=925502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=995352\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2775/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6893/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0618/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-13796/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5950/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-201913924-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13d321d3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-mailman-13924=1\n\nSUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch\nslessp3-mailman-13924=1\n\nSUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch\nsleposp3-mailman-13924=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-mailman-13924=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3:zypper in -t patch\ndbgsp3-mailman-13924=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mailman\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"mailman-2.1.15-9.6.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"mailman-2.1.15-9.6.6.1\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n set_kb_item(name:'www/0/XSRF', value:TRUE);\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mailman\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2018-08-13T16:55:05", "bulletinFamily": "unix", "description": "This update for mailman fixes the following issues:\n\n Security issue fixed:\n\n - CVE-2018-13796: Fix a content spoofing vulnerability with invalid list\n name messages inside the web UI (boo#1101288).\n\n Bug fixes:\n\n - update to 2.1.29:\n * Fixed the listinfo and admin overview pages that were broken\n\n - update to 2.1.28:\n * It is now possible to edit HTML and text templates via the web admin\n UI in a supported language other than the list's preferred_language.\n * The Japanese translation has been updated\n * The German translation has been updated\n * The Esperanto translation has been updated\n * The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in 2.1.27 was\n not working. This is fixed.\n * Escaping of HTML entities for the web UI is now done more selectively.\n\n", "modified": "2018-08-13T15:08:02", "published": "2018-08-13T15:08:02", "id": "OPENSUSE-SU-2018:2309-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-08/msg00046.html", "title": "Security update for mailman (moderate)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2019-03-18T14:24:04", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-08-07T00:00:00", "id": "OPENVAS:1361412562310874902", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874902", "title": "Fedora Update for mailman FEDORA-2018-e071e178f8", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_e071e178f8_mailman_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for mailman FEDORA-2018-e071e178f8\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874902\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-07 06:05:21 +0200 (Tue, 07 Aug 2018)\");\n script_cve_id(\"CVE-2018-13796\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mailman FEDORA-2018-e071e178f8\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mailman'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"mailman on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-e071e178f8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMI7UFFD7ZLOTUTAKJZPPN6H6ME47ECQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"mailman\", rpm:\"mailman~2.1.29~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-11-23T15:03:15", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2018-08-14T00:00:00", "id": "OPENVAS:1361412562310851851", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851851", "title": "SuSE Update for mailman openSUSE-SU-2018:2309-1 (mailman)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2018_2309_1.nasl 12497 2018-11-23 08:28:21Z cfischer $\n#\n# SuSE Update for mailman openSUSE-SU-2018:2309-1 (mailman)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851851\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-14 05:56:27 +0200 (Tue, 14 Aug 2018)\");\n script_cve_id(\"CVE-2018-13796\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for mailman openSUSE-SU-2018:2309-1 (mailman)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mailman'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"This update for mailman fixes the following issues:\n\n Security issue fixed:\n\n - CVE-2018-13796: Fix a content spoofing vulnerability with invalid list\n name messages inside the web UI (boo#1101288).\n\n Bug fixes:\n\n - update to 2.1.29:\n\n * Fixed the listinfo and admin overview pages that were broken\n\n - update to 2.1.28:\n\n * It is now possible to edit HTML and text templates via the web admin\n UI in a supported language other than the list's preferred_language.\n\n * The Japanese translation has been updated\n\n * The German translation has been updated\n\n * The Esperanto translation has been updated\n\n * The BLOCK_SPAMHAUS_LISTED_DBL_SUBSCRIBE feature added in 2.1.27 was\n not working. This is fixed.\n\n * Escaping of HTML entities for the web UI is now done more selectively.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-861=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-861=1\");\n script_tag(name:\"affected\", value:\"mailman on openSUSE Leap 42.3\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:2309_1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2018-08/msg00046.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSELeap42.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"mailman\", rpm:\"mailman~2.1.29~2.11.2\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mailman-debuginfo\", rpm:\"mailman-debuginfo~2.1.29~2.11.2\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mailman-debugsource\", rpm:\"mailman-debugsource~2.1.29~2.11.2\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-03-19T12:27:14", "bulletinFamily": "scanner", "description": "Two flaws were discovered in mailman, a web-based mailing list manager.\n\nCVE-2018-0618\n\nToshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc.\ndiscovered that mailman is prone to a cross-site scripting flaw\nallowing a malicious listowner to inject scripts into the listinfo\npage, due to not validated input in the host_name field.\n\nCVE-2018-13796\n\nHammad Qureshi discovered a content spoofing vulnerability with\ninvalid list name messages in the web UI.", "modified": "2019-03-18T00:00:00", "published": "2018-07-25T00:00:00", "id": "OPENVAS:1361412562310891442", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891442", "title": "Debian LTS Advisory ([SECURITY] [DLA 1442-1] mailman security update)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_dla_1442.nasl 14281 2019-03-18 14:53:48Z cfischer $\n#\n# Auto-generated from advisory DLA 1442-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891442\");\n script_version(\"$Revision: 14281 $\");\n script_cve_id(\"CVE-2018-0618\", \"CVE-2018-13796\");\n script_name(\"Debian LTS Advisory ([SECURITY] [DLA 1442-1] mailman security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:53:48 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-07-25 00:00:00 +0200 (Wed, 25 Jul 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/07/msg00034.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"mailman on Debian Linux\");\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1:2.1.18-2+deb8u3.\n\nWe recommend that you upgrade your mailman packages.\");\n script_tag(name:\"summary\", value:\"Two flaws were discovered in mailman, a web-based mailing list manager.\n\nCVE-2018-0618\n\nToshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc.\ndiscovered that mailman is prone to a cross-site scripting flaw\nallowing a malicious listowner to inject scripts into the listinfo\npage, due to not validated input in the host_name field.\n\nCVE-2018-13796\n\nHammad Qureshi discovered a content spoofing vulnerability with\ninvalid list name messages in the web UI.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"mailman\", ver:\"1:2.1.18-2+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "freebsd": [{"lastseen": "2018-09-11T15:24:48", "bulletinFamily": "unix", "description": "\nMark Sapiro reports:\n\nA URL with a very long text listname such as\nhttp://www.example.com/mailman/listinfo/This_is_a_long_string_with_some_phishing_text\nwill echo the text in the \"No such list\" error response. This can be used to make a potential victim think the phishing text comes from a trusted site.\nThis issue was discovered by Hammad Qureshi.\n\n", "modified": "2018-07-09T00:00:00", "published": "2018-07-09T00:00:00", "id": "B4F0AD36-94A5-11E8-9007-080027AC955C", "href": "https://vuxml.freebsd.org/freebsd/b4f0ad36-94a5-11e8-9007-080027ac955c.html", "title": "mailman -- content spoofing with invalid list names in web UI", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "debian": [{"lastseen": "2018-10-16T22:14:10", "bulletinFamily": "unix", "description": "Package : mailman\nVersion : 1:2.1.18-2+deb8u4\nDebian Bug : 904680\n\nThe security update of mailman announced as DLA-1442-1 introduced a\nregression due to an incomplete fix for CVE-2018-13796 that broke the\nadmin and listinfo overview pages.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n1:2.1.18-2+deb8u4.\n\nWe recommend that you upgrade your mailman packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "modified": "2018-07-27T05:54:45", "published": "2018-07-27T05:54:45", "id": "DEBIAN:DLA-1442-2:65A4F", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201807/msg00039.html", "title": "[SECURITY] [DLA 1442-2] mailman regression update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-16T22:14:14", "bulletinFamily": "unix", "description": "Package : mailman\nVersion : 1:2.1.18-2+deb8u3\nCVE ID : CVE-2018-0618 CVE-2018-13796\nDebian Bug : 903674\n\nTwo flaws were discovered in mailman, a web-based mailing list manager.\n\nCVE-2018-0618\n\n Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc.\n discovered that mailman is prone to a cross-site scripting flaw\n allowing a malicious listowner to inject scripts into the listinfo\n page, due to not validated input in the host_name field.\n\nCVE-2018-13796\n\n Hammad Qureshi discovered a content spoofing vulnerability with\n invalid list name messages in the web UI.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n1:2.1.18-2+deb8u3.\n\nWe recommend that you upgrade your mailman packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "modified": "2018-07-24T21:22:39", "published": "2018-07-24T21:22:39", "id": "DEBIAN:DLA-1442-1:47545", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201807/msg00034.html", "title": "[SECURITY] [DLA 1442-1] mailman security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "gentoo": [{"lastseen": "2019-04-08T18:53:42", "bulletinFamily": "unix", "description": "### Background\n\nMailman is a Python based mailing list server with an extensive web interface. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Mailman. Please review the referenced CVE identifier for details. \n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Mailman users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-mail/mailman-2.1.29\"", "modified": "2019-04-08T00:00:00", "published": "2019-04-08T00:00:00", "id": "GLSA-201904-10", "href": "https://security.gentoo.org/glsa/201904-10", "title": "Mailman: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}
