6 matches found
Exploit for Path Traversal in Gnu Mailman
🚨 CVE-2025-43919: Directory Traversal in GNU Mailman 2.1.39...
Debian: Security Advisory (DLA-608-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Core 1 : mailman-2.1.5-6 (2004-167)
Fixes security issue CVE-2004-0412 noted in bug https://bugzilla.redhat.com/bugzilla/showbug.cgi?id=123559 Mailman subscriber passwords could be retrieved by a remote attacker. Security hole is fixed in mailman-2.1.5 Important Installation Note: Some users have reported problems with bad queue...
Fedora Core 2 : mailman-2.1.5-7 (2004-168)
Fixes security issue CVE-2004-0412 noted in bug https://bugzilla.redhat.com/bugzilla/showbug.cgi?id=123559 Mailman subscriber passwords could be retrieved by a remote attacker. Security hole is fixed in mailman-2.1.5 Important Installation Note: Some users have reported problems with bad queue...
[Mailman-Announce] ANNOUNCE Mailman 2.0.2 (important privacy patch)
I've just uploaded the Mailman 2.0.2 release to SourceForge. This is a bug fix release that also fixes a potential privacy hole, which could allow a list administrator to get access to user passwords. Even with those passwords, I believe there's little additional harm that a list admin could do,...
[SECURITY] New versions of mailman fixes cookie attack
We have become aware that the version mailman as supplied in Debian GNU/Linux 2.1 has a problem with verifying list administrators. The problem is that the cookie value generation used was predictable, so using forged authentication cookies it was possible to access the list administration webpag...