Sympa version =>6.2.16 - Cross-Site Scripting

Sympa version 6.2.16 and later contains a URL Redirection to Untrusted Site vulnerability in the referer parameter of the wwsympa fcgi login action that can result in open redirection and reflected cross-site scripting via data URIs. id: CVE-2018-1000671 info: name: Sympa version =6.2.16 -...

EUVD-2008-4457

Malware in sbrugna...

EUVD-2004-1729

Malware in sbrugna...

EUVD-2018-1939

Malware in sbrugna...

EUVD-2020-3342

Malware in sbrugna...

EUVD-2020-19415

Malware in sbrugna...

EUVD-2020-19462

Malware in sbrugna...

EUVD-2005-0074

Malware in sbrugna...

EUVD-2020-22025

Malware in sbrugna...

EUVD-2020-30190

Malware in sbrugna...

EUVD-2008-1649

Malware in sbrugna...

EUVD-2012-2345

Malware in sbrugna...

EUVD-2015-1447

Malware in sbrugna...

EUVD-2018-2000

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-29668

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string except one from an expired cookie as the cookie...

Linux Distros Unpatched Vulnerability : CVE-2020-26880

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which...

Linux Distros Unpatched Vulnerability : CVE-2020-26932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 475...

Linux Distros Unpatched Vulnerability : CVE-2021-46900

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value...

Debian dla-4027 : sympa - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4027 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4027-1 [email protected] https://www.debian.org/lts/security/...

[SECURITY] [DLA 4027-1] sympa security update

Debian LTS Advisory DLA-4027-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 21, 2025 https://wiki.debian.org/LTS Package : sympa Version : 6.2.60dfsg-4+deb11u1 CVE ID : CVE-2024-55919 Debian Bug : 1090188 A flaw was found in Sympa’s web interface, a...