Debian: Security Advisory (DLA-2401-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Privilege Escalation

github.com/sympa-community/sympa is vulnerable to privilege escalation. The setuid wrappers does not clear environment variables, potentially allowing a local attacker to gain higher privileges...

FreeBSD : sympa - Security flaws in setuid wrappers (61bc44ce-9f5a-11ea-aff3-f8b156c2bfe9)

A vulnerability has been discovered in Sympa web interface by which attacker can execute arbitrary code with root privileges. Sympa uses two sorts of setuid wrappers : - FastCGI wrappers - newaliases wrapper The FastCGI wrappers wwsympa-wrapper.fcgi and sympasoapserver-wrapper.fcgi were used to...

sympa - Security flaws in setuid wrappers

A vulnerability has been discovered in Sympa web interface by which attacker can execute arbitrary code with root privileges. Sympa uses two sorts of setuid wrappers: FastCGI wrappers newaliases wrapper The FastCGI wrappers wwsympa-wrapper.fcgi and sympasoapserver-wrapper.fcgi were used to make t...