22 matches found
MiracleLinux 8 : mailman:2.1 (AXSA:2022-2979:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-2979:01 advisory. mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover (CVE-2021-44227) Tenable has extracted the preceding description block directly fr...
RHSA-2021:4916 Red Hat Security Advisory: mailman:2.1 security update
Bulletin has no description...
RHSA-2021:4915 Red Hat Security Advisory: mailman:2.1 security update
Bulletin has no description...
Oracle Linux 8 : mailman:2.1 (ELSA-2021-4826)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-4826 advisory. - Fix for CVE-2021-42096 - Fix for CVE-2021-42097 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...
EulerOS 2.0 SP5 : mailman (EulerOS-SA-2022-1277)
According to the versions of the mailman package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Cross-site request forgery (CSRF) vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the...
EulerOS 2.0 SP3 : mailman (EulerOS-SA-2022-1177)
According to the versions of the mailman package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Cross-site request forgery (CSRF) vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the...
Important: Red Hat Security Advisory: mailman:2.1 security update
An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
RHEL 8 : mailman:2.1 (RHSA-2021:5081)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:5081 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and admin...
RHEL 8 : mailman:2.1 (RHSA-2021:5080)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:5080 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and admin...
RHEL 8 : mailman:2.1 (RHSA-2021:4915)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:4915 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and admin...
mailman:2.1 security update
3:2.1.29-12.2 - Fix for CVE-2021-44227 - Resolves: 2026871 3:2.1.29-12.1 - Fix for CVE-2021-42096 - Fix for CVE-2021-42097 - Resolves: 2021139, 2020692...
RHEL 8 : mailman:2.1 (RHSA-2021:4838)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4838 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks...
Important: Red Hat Security Advisory: mailman:2.1 security update
An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...
mailman:2.1 security and bug fix update
3:2.1.29-10 - Fix match pattern to reduce false allocation 3:2.1.29-9 - Fix for CVE-2020-12137 3:2.1.29-8 - Drop unversioned python from comments. 3:2.1.29-7 - Change attr of /etc/mailman 3:2.1.29-6 - Update run directory references 1805954 - fix 1188043 - set 2775 permission for /etc/mailman...
RHEL 8 : mailman:2.1 (RHSA-2020:4667)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:4667 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: XSS via file attachments in list archives (CVE-2020-12137) F...
Amazon Linux AMI : mailman (ALAS-2018-985)
Cross-site scripting (XSS) vulnerability in web UI: A cross-site scripting (XSS) flaw was found in mailman. An attacker, able to trick the user into visiting a specific URL, can execute arbitrary web scripts on the user's side and force the victim to perform unintended actions. (CVE-2018-5950) CSRF...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that modify an option, as demonstrated by gaining access to the credentials of a victim's account...
CVE-2016-6893
GNU Mailman 2.1.x contains a CSRF vulnerability (CVE-2016-6893) in the user options page that allows remote attackers to hijack a user’s session and perform option-modifying requests, potentially accessing victim credentials. The root cause is CSRF token protection not being correctly tied to the...
CVE-2016-6893
Removed by vendor...
CVE-2016-6893
Cross-site request forgery (CSRF) vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that modify an option, as demonstrated by gaining access to the credentials of a victim's account...