25 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-0618
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified...
RHEL 6 : mailman (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mailman: CSRF token bypass allows to perform CSRF attacks and account takeover CVE-2021-42097 - mailman:...
Mageia: Security Advisory (MGASA-2018-0313)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2019:13924-1)
The remote host is missing an update for the...
Huawei EulerOS: Security Advisory for mailman (EulerOS-SA-2021-1326)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for mailman (EulerOS-SA-2021-1096)
The remote host is missing an update for the Huawei EulerOS...
Medium: mailman
Issue Overview: A cross-site scripting vulnerability (XSS) has been discovered in mailman due to the hostname field not being properly validated. A malicious list owner could use this flaw to create a specially crafted list and inject client-side scripts. (CVE-2018-0618) An issue was discovered in GN...
Amazon Linux AMI : mailman (ALAS-2020-1395)
The version of mailman installed on the remote host is prior to 2.1.15-30.25. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1395 advisory. Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject...
Medium: mailman
Issue Overview: Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. CVE-2018-0618 An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be...
Ubuntu 16.04 LTS / 18.04 LTS : Mailman vulnerabilities (USN-4348-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4348-1 advisory. It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary scripts or...
USN-4348-1: Mailman vulnerabilities
It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary scripts or HTML. (CVE-2018-0618) It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to display arbitrary text o...
openSUSE Security Update : mailman (openSUSE-2019-495)
This update for mailman to version 2.1.27 fixes the following issues: This security issue was fixed: - CVE-2018-0618: Additional protections against injecting scripts into listinfo and error messages pages (bsc#1099510). These non-security issues were fixed: - The hash generated when...
Security fix for the ALT Linux 9 package mailman version 5:2.1.29-alt1
Jan. 6, 2019 Dmitry V. Levin 5:2.1.29-alt1 - 2.1.26 - 2.1.29 fixes: CVE-2018-0618, CVE-2018-13796. - Enhanced init script. - Added tmpfiles.d(5) rules and a systemd unit file for mailman...
Fedora 28 : 3:mailman (2018-f8fd4c5798)
Add fix for CVE-2018-0618 1596459 ---- Add fix for CVE-2018-0618 1596460 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
CVE-2018-0618
Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-0618
The provided documents confirm CVE-2018-0618 is a cross-site scripting vulnerability in Mailman prior to or including 2.1.26, caused by unvalidated input in the host_name field, enabling a malicious listowner to inject scripts on the listinfo page. Affected product: Mailman (versions up to 2.1.26...
CVE-2018-0618
Removed by vendor...
[SECURITY] [DLA 1442-1] mailman security update
Package : mailman Version : 1:2.1.18-2+deb8u3 CVE ID : CVE-2018-0618 CVE-2018-13796 Debian Bug : 903674 Two flaws were discovered in mailman, a web-based mailing list manager. CVE-2018-0618 Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. discovered that mailman is prone to a cross-si...
Debian DSA-4246-1 : mailman - security update
Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. discovered that mailman, a web-based mailing list manager, is prone to a cross-site scripting flaw allowing a malicious listowner to inject scripts into the listinfo page, due to not validated input in the hostname field.
[SECURITY] [DSA 4246-1] mailman security update
Debian Security Advisory DSA-4246-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 15, 2018 https://www.debian.org/security/faq...