3 matches found
Debian DSA-271-1 : ecartis - unauthorized password change
A problem has been discovered in ecartis, a mailing list manager, formerly known as listar. This vulnerability enables an attacker to reset the password of any user defined on the list server, including the list admins. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
CVE-2003-0162
CVE-2003-0162 affects Ecartis 1.0.0 (formerly listar) prior to the 20030227 snapshot. The vulnerability lets a remote attacker reset other users’ passwords and gain privileges by tampering with hidden HTML form fields. Debian and OpenVAS records tie this to a remote password-change flaw in ecarti...
CVE-2003-0162
Ecartis 1.0.0 formerly listar before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page...