2 matches found
CVE-2001-0021
MailMan Webmail 3.0.25 and earlier is affected by an arbitrary command execution vulnerability in mmstdod.cgi. Input to the ALTERNATE_TEMPLATES/alternate_template parameters is not properly sanitized, allowing a remote attacker to execute arbitrary commands. The issue is documented in CVE-2001-00...
MailMan Webmail mmstdod.cgi Arbitrary Command Execution
The version of MailMan Webmail on the remote web server has an arbitrary command execution vulnerability. Input to the 'ALTERNATETEMPLATES' parameter of mmstdod.cgi is not properly sanitized. A remote attacker could exploit this to execute arbitrary commands on the system. %NASLMINLEVEL 70300 C...