8 matches found
Debian DSA-720-1 : smartlist - wrong input processing
Jeroen van Wolffelaar noticed that the confirm add-on of SmartList, the listmanager used on lists.debian.org, which is used on that host as well, could be tricked to subscribe arbitrary addresses to the lists. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
CVE-2005-0157
The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned...
CVE-2005-0157
The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned...
CVE-2005-0157
CVE-2005-0157 affects SmartList’s confirm add-on (3.15 and earlier). The issue allows an attacker to subscribe arbitrary e-mail addresses by exploiting a valid cookie that encodes a different address than the one tied to the cookie. Public advisories (Debian DSA-720-1) note this as a remote input...
CVE-2005-0157
The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned...
CVE-2005-0157
The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned...
DEBIAN-CVE-2005-0157
The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned...
DSA-720-1 smartlist - wrong input processing
Bulletin has no description...