36 matches found
EUVD-2005-0081
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-15011
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page. CVE-2020-15011 Note that Nessus relies on the...
SUSE-SU-2022:1886-1 Security update for mailman
This update for mailman fixes the following issues: - CVE-2021-44227: Preventing list moderator or list member accessing the admin UI bsc1193316. - CVE-2021-43332: Preventing list moderator from cracking the list admin password encrypted in a CSRF token bsc1192741. - CVE-2021-43331: Fixed XSS in...
OPENSUSE-SU-2021:1452-1 Security update for mailman
This update for mailman fixes the following issues: Update to 2.1.35 to fix 2 security issues: - A potential for a list member to carry out an off-line brute force attack to obtain the list admin password has been reported by Andre Protas, Richard Cloke and Andy Nuttall of Apple. This is fixe...
mailman:2.1 security update
An update is available for mailman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Mailman is a program used to help manage e-mail discussion lists. Security...
SUSE-SU-2020:2048-1 Security update for mailman
This update for mailman fixes the following issues: - CVE-2020-15011: Fixed a possible Arbitrary Content Injection via the private archive login page bsc1173369...
SUSE-SU-2020:14423-1 Security update for mailman
This update for mailman fixes the following issues: - CVE-2020-15011: Fixed a possible Arbitrary Content Injection via the private archive login page bsc1173369...
CVE-2020-15011
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page...
OPENSUSE-SU-2020:0764-1 Security update for mailman
This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug boo1171363. Non-security issue fixed: - Don't default to invalid hosts for DEFAULT_EMAIL_HOST boo682920 This update was imported from the openSUSE:Leap:15.1:Update update projec...
SUSE-SU-2020:1301-1 Security update for mailman
This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug bsc1171363. - CVE-2020-12137: Fixed an XSS vulnerability caused by MIME type confusion bsc1170558. Non-security issue fixed: - Fixed rights and ownership on...
CVE-2020-12108
Removed by vendor...
SUSE-SU-2020:14356-1 Security update for mailman
This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12137: Fixed an XSS vulnerability caused by MIME type confusion bsc1170558. Non-security issue fixed: - Fixed rights and ownership on /var/lib/mailman/archives bsc1167068...
SUSE-SU-2019:3076-1 Security update for mailman
This update for mailman fixes the following issues: - CVE-2019-3693: Fixed a local privilege escalation from wwwrun to root bsc1154328...
SUSE-SU-2019:14230-1 Security update for mailman
This update for mailman fixes the following issues: - CVE-2019-3693: Fixed a local privilege escalation from wwwrun to root bsc1154328...
SUSE-SU-2019:13924-1 Security update for mailman
This update for mailman fixes the following issues: - Fixed an XSS vulnerability and information leak in user options CGI, which could be used to execute arbitrary scripts in the user's browser via specially encoded URLs bsc1077358 CVE-2018-5950 - Fixed a directory traversal vulnerability in MTA...
SUSE-SU-2018:4296-1 Security update for mailman
This update for mailman fixes the following security vulnerabilities: - Fixed an XSS vulnerability and information leak in user options CGI, which could be used to execute arbitrary scripts in the user's browser via specially encoded URLs bsc1077358 CVE-2018-5950 - Fixed a directory traversal...
CVE-2018-0618
Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...
SUSE-SU-2018:1638-1 Security update for mailman
This update for mailman to version 2.1.15 fixes the following issues: - CVE-2016-6893: Prevent cross-site request forgery (CSRF) vulnerability in the user options page that allowed remote attackers to hijack the authentication of arbitrary users for requests that modify an option bsc995352. - Vario...
mailman security and bug fix update
2.1.5.1-34.rhel4.6 - fix 200036 - canceling subscription confirmation crashes mailman - fix 205651 - CVE-2006-4624 logfile CRLF injection - fix 230939 - missing migrate-fhs script - fix 223191 - spam filters gets deleted when sender filter is edited - fix 242677 - wrong init script...
0013.txt
SA0013 - Public Advisory: Mailman 2.1.8 Multiple Security Issues. PUBLISHED ON Sep 13, 2006 PUBLISHED AT...