330 matches found
Sympa <= 6.2.59 Privilege Escalation Vulnerability
Sympa is prone to a privilege escalation vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...
Debian DLA-2441-1 : sympa security update
A privilege escalation was discovered in Sympa, a modern mailing list manager. It is fixed when Sympa is used in conjunction with common MTAs such as Exim or Postfix by disabling a setuid executable, although no fix is currently available for all environments such as sendmail. Additionally, an...
Debian: Security Advisory (DLA-2441-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2441-1] sympa security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2441-1 [email protected] https://www.debian.org/lts/security/ November 09, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...
DLA-2441-1 sympa - security update
Bulletin has no description...
DEBIAN-CVE-2020-26932
debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...
CVE-2020-26932
debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...
CVE-2020-26932
debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...
CVE-2020-26932
debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...
UBUNTU-CVE-2020-26932
debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...
Design/Logic Flaw
debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...
CVE-2020-26932
debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...
CVE-2020-26932
debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...
CVE-2020-26932
CVE-2020-26932 is a Debian Sympa issue where the postinst script for the sympa package (before 6.2.40~dfsg-7) sets the sympa_newaliases-wrapper with mode 4755 instead of the intended 4750, allowing access by the sympa group. The Debian security advisories (DSA-4818) indicate this affects Sympa be...
Debian: Security Advisory (DLA-2401-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2401-1 : sympa security update
Sympa, a modern mailing list manager, allows privilege escalation through setuid wrappers. A local attacker can obtain root access. For Debian 9 stretch, this problem has been fixed in version 6.2.16dfsg-3+deb9u3. We recommend that you upgrade your sympa packages. For the detailed security status...
[SECURITY] [DLA 2401-1] sympa security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2401-1 [email protected] https://www.debian.org/lts/security/ October 07, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...
CVE-2020-26880
Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which is owned by sympa and parsing it through the setuid sympanewaliases-wrapper executable...
CVE-2020-26880
Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which is owned by sympa and parsing it through the setuid sympanewaliases-wrapper executable...
DEBIAN-CVE-2020-26880
Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which is owned by sympa and parsing it through the setuid sympanewaliases-wrapper executable...