6 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-34337
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured...
Mailman < 3.3.5 REST API Vulnerability
Mailman is prone to a vulnerability in the REST API. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gnu:mailman"; ifdescription...
CVE-2021-34337
creationtimestamp| type| source ---|---|--- 2023-04-16 00:26:55+00:00| seen| https://t.me/cibsecurity/62241...
CVE-2021-34337
An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attacke...
CVE-2021-34337
Affected software: Mailman Core before 3.3.5. Vulnerability: REST API timing attack could allow an attacker with local access to deduce the configured REST API password and then perform arbitrary REST API calls. The REST API is bound to localhost by default, but can be configured to listen on oth...
CVE-2021-34337
A timing attack was found in the mailman administrative REST API due to the usage of a simple string comparison function when checking the password. This flaw allows an attacker who can talk to the REST API to discover the admin password due to timing leaks...