47 matches found
CVE-2020-12108
Summary: CVE-2020-12108 affects GNU Mailman prior to 2.1.31, allowing Arbitrary Content Injection via the /options/mailman page (and related login/archival areas per advisories). Affected software: Mailman 2.1.x series before 2.1.31. Root cause / vector: improper handling on the options/login pat...
CVE-2020-12137
CVE-2020-12137 affects GNU Mailman 2.x up to version 2.1.30. The root cause is using the .obj extension for scrubbed application/octet-stream MIME parts, which can trigger MIME sniffing and lead to XSS in list-archive visitors when HTTP replies lack a MIME type. The connected advisories indicate ...
CVE-2020-15011
CVE-2020-15011 affects GNU Mailman prior to 2.1.33. The vulnerability allows arbitrary content injection via the Cgi/private.py private archive login page. Affected product: GNU Mailman 2.1.x (before 2.1.33). Impact described in sources as arbitrary content injection, with other related CVEs ofte...
CVE-2021-44227
GNU Mailman 2.1.x prior to 2.1.38 is affected by CVE-2021-44227, allowing a list member or moderator to obtain a CSRF token and craft an admin request that can change settings or reset the admin password, potentially leading to admin takeover. Multiple advisories confirm the issue across distribu...
CVE-2021-42097
GNU Mailman 2.1.x before 2.1.35 is affected by a CSRF/token bypass vulnerability (CVE-2021-42097) where a csrf_token value is not bound to a single user, enabling a CSRF attack against an admin that can lead to admin account takeover. The issue arises from CSRF protection weaknesses on the user o...
CVE-2021-42096
CVE-2021-42096 affects GNU Mailman before 2.1.35 where a CSRF token is derived from the admin password, enabling offline brute-force attacks and contributing to remote privilege escalation. Related advisories (CVE-2021-42097, CVE-2021-44227) describe additional CSRF/token issues and password-rela...
CVE-2018-5950
CVE-2018-5950 affects Mailman web UI: a cross-site scripting (XSS) vulnerability that can be triggered via a crafted user-options URL to inject arbitrary script/HTML. Affected: Mailman 2.1.x up to 2.1.25 (before 2.1.26). Impact per sources: remote attacker can execute script in user context; info...
CVE-2016-6893
GNU Mailman 2.1.x contains a CSRF vulnerability (CVE-2016-6893) in the user options page that allows remote attackers to hijack a user’s session and perform option-modifying requests, potentially accessing victim credentials. The root cause is CSRF token protection not being correctly tied to the...
CVE-2018-13796
CVE-2018-13796 affects GNU Mailman up to version 2.1.27 (pre-2.1.28). A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site, via mishandling of list/URL content in the web UI. Connected advisories confirm this alongside CVE-2018-0618 (XSS) in Mailman. Remediatio...
CVE-2018-0618
The provided documents confirm CVE-2018-0618 is a cross-site scripting vulnerability in Mailman prior to or including 2.1.26, caused by unvalidated input in the host_name field, enabling a malicious listowner to inject scripts on the listinfo page. Affected product: Mailman (versions up to 2.1.26...
CVE-2015-2775
CVE-2015-2775 is a directory traversal vulnerability in GNU Mailman up to version 2.1.19, exploitable via a leading .. in a list name when not using a static alias. The underlying issue is improper validation of list-name input, enabling remote attackers to execute arbitrary files. Impact is remo...
CVE-2021-43331
GNU Mailman before 2.1.36 is affected. A crafted URL to the Cgi/options.py user options page can trigger cross-site scripting (XSS) by executing arbitrary JavaScript. Public sources confirm fixes in Mailman 2.1.36 and later; apply the upgrade to mitigate. The documentation also references related...
CVE-2025-43920
GNU Mailman 2.1.39 (bundled with cPanel/WHM) has a command-injection risk when an external archiver is configured and the email subject line contains shell metacharacters. The root cause is unsanitized subject handling in the archiver/subject processing path, enabling unauthenticated execution of...
CVE-2025-43919
CVE-2025-43919 affects GNU Mailman 2.1.39 bundled with cPanel/WHM. The vulnerability is a directory traversal in the /mailman/private/mailman endpoint, exploitable via a crafted username parameter that can read arbitrary server files (e.g., /etc/passwd). Root cause: insufficient input validation ...
CVE-2021-43332
CVE-2021-43332 affects GNU Mailman before 2.1.36. The CSRF token on Cgi/admindb.py admindb page contains an encrypted version of the list admin password, which could potentially be cracked by a moderator via offline brute-force. Documents correlate this with other Mailman issues (e.g., CVE-2021-4...
CVE-2010-3089
CVE-2010-3089 affects GNU Mailman, with XSS vulnerabilities in the list information and list description fields reported in versions before 2.1.14rc1. The issue is confirmed in multiple advisories (e.g., MiracleLinux AXSA entries and openSUSE security updates) tying CVE-2010-3089 to Mailman pre-2...
CVE-2021-34337
Affected software: Mailman Core before 3.3.5. Vulnerability: REST API timing attack could allow an attacker with local access to deduce the configured REST API password and then perform arbitrary REST API calls. The REST API is bound to localhost by default, but can be configured to listen on oth...
CVE-2006-3636
CVE-2006-3636 corresponds to multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman. The initial entry cites Mailman versions before 2.1.9rc1 as vulnerable via unspecified vectors, enabling remote attackers to inject arbitrary script/HTML. Connected documents corroborate this family o...
CVE-2011-0707
CVE-2011-0707 is a cross-site scripting (XSS) vulnerability in GNU Mailman 2.1.14 and earlier, specifically in Cgi/confirm.py, where remote attackers can inject arbitrary script or HTML via the full name or username in a confirmation message. Multiple Nessus/MiracleLinux open-source advisories re...
CVE-2005-0202
CVE-2005-0202 concerns a directory-traversal in Mailman 2.1.5 and earlier, arising from an insufficient cleanse of "../" and "../" sequences in the true_path function of private.py. The flaw allows remote attackers to read arbitrary files by crafting URLs like ".../....///". The issue is caused b...
CVE-2006-4624
CVE-2006-4624 describes a CRLF injection in Mailman’s Utils.py (pre-2.1.9rc1) that can let a remote attacker spoof entries in the error log and potentially mislead an administrator into visiting malicious URLs via carriage return/line feed sequences in the URI. Connected advisories confirm this v...
CVE-2004-1177
CVE-2004-1177 is an XSS vulnerability in Mailman’s driver script (affecting mailman up to before 2.1.5) where an unescaped URL in an error page can inject arbitrary script/HTML. Public references (GHSA advisory and multiple OpenVAS/Debian/SUSE entries) confirm the issue and link to affected Mailm...
CVE-2025-43921
GNU Mailman 2.1.39 (bundled with cPanel/WHM) is vulnerable to unauthenticated creation of mailing lists via the /mailman/create endpoint. The root cause is missing access controls in the create CGI script, enabling arbitrary list creation by anyone. Impact described across sources includes potent...
CVE-2005-3573
CVE-2005-3573 affects Mailman 2.1.4–2.1.6 with two DoS vectors: (1) UTF-8 handling in attachment filenames can crash the server, and (2) malformed date handling can crash the Mailman service. Connected advisories (RHSA-2006:0204, Debian DSA-955-1, CentOS/CESA-2006:0204) document these issues and ...
CVE-2005-4153
CVE-2005-4153 affects Mailman 2.1.4–2.1.6, where a crafted message with bad date data could crash the Mailman server (remote DoS). Root cause: improper handling of date data in processed messages. Exploitation details are not provided in the included documents. Remediation in connected advisories...
CVE-2003-0965
CVE-2003-0965 is a cross-site scripting (XSS) vulnerability in the Mailman admin CGI script before 2.1.4. The issue allows remote attackers to steal session cookies and perform unauthorized activities via the administrative interface. Affected: Mailman (admin CGI). Root cause: XSS in the admin UI...
CVE-2006-2941
Mailman vulnerability CVE-2006-2941 affects Mailman prior to 2.1.9rc1, involving how RFC 2231 formatted headers are processed. Exploitation can lead to a denial of service on mailing lists. Connected advisories (Red Hat RHSA-2006:0600, Ubuntu USN-345-1, SuSE/SLES9 updates, Gentoo GLSA 200609-12, ...
CVE-2002-0389
CVE-2002-0389 concerns Pipermail in Mailman, where private mail messages are stored with predictable filenames in a world-executable directory, allowing local users to read private mailing list archives. The connected advisories corroborate the issue within Mailman and reference multiple CVEs (no...
CVE-2004-0412
Mailman prior to version 2.1.5 is affected by CVE-2004-0412. A crafted email request to the Mailman server can allow a remote attacker to obtain user passwords, per the description in multiple sources (Mailman password disclosure). The vulnerability stems from how password data could be disclosed...
CVE-2016-7123
CVE-2016-7123 is a CSRF vulnerability in the GNU Mailman admin web interface (pre-2.1.15) that can hijack administrator authentication. Exploitation details are provided in connected documents (e.g., Nessus and OSV descriptions) and indicate users are potentially affected across various Linux dis...
CVE-2006-0052
CVE-2006-0052 affects Mailman 2.1.5 and earlier when used with Python’s email library 2.5. A malformed MIME multipart message (a single part with two blank lines between the first and end boundaries) can cause a denial of service by blocking mailing-list delivery. Root cause involves how Mailman ...
CVE-2003-0991
CVE-2003-0991 concerns the Mailman mail command handler. Multiple connected sources confirm this is a vulnerability in Mailman prior to 2.0.14 where certain malformed email commands could crash the mailman process, producing a denial-of-service condition. Debian advisories (DSA-436-1/DSA-436-2) a...
CVE-2006-2191
The CVE-2006-2191 entry concerns a format-string vulnerability in Mailman prior to version 2.1.9, which could allow an attacker to execute arbitrary code via unspecified vectors. The vulnerability is documented across multiple advisories and OpenVAS/Nessus entries, and several sources explicitly ...
CVE-2005-0080
CVE-2005-0080 affects Mailman 2.1.5 via the 55_options_traceback.dpatch patch used in Ubuntu 4.10. The patch causes the error message to differ based on whether an email address is subscribed to a private list, enabling remote attackers to determine list membership for a given address. The availa...
CVE-2006-1712
CVE-2006-1712 affects GNU Mailman 2.1.7: the private archive script (private.py) is vulnerable to cross-site scripting (XSS) via the action parameter, allowing remote injection of arbitrary script/HTML that could run in a user’s browser within the vulnerable site’s context. The description is cor...
CVE-2000-0701
The vulnerability CVE-2000-0701 affects the Mailman project’s wrapper program in versions 2.0beta3 and 2.0beta4. The root cause is improper cleansing of untrusted format strings, which permits local privilege escalation. The NVD entry lists local attack vector with low complexity and partial impa...
CVE-2001-1132
Vulnerability details (CVE-2001-1132) : Mailman 2.0.x prior to 2.0.6 is vulnerable. During authentication, an empty site or list password is not properly handled when calling the crypt function, enabling remote attackers to gain access to list administrative pages. This is limited to the affected...
CVE-2004-0182
CVE-2004-0182 affects Mailman before 2.0.13. A flaw allows remote attackers to trigger a denial of service (crash) by sending an email message with an empty subject field. Multiple connected sources corroborate this issue and tie it to a DoS in Mailman. Remediation in the public advisories is to ...
CVE-2003-0992
CVE-2003-0992 is a documented cross-site scripting vulnerability in Mailman’s create CGI script, exploitable to steal cookies of other users. Affected versions are Mailman 2.1.x before 2.1.3; the issue is fixed in later releases (e.g., patches included in 2.1.3 and newer). The linked OpenVAS/Ness...
CVE-2002-0855
CVE-2002-0855 describes a cross-site scripting vulnerability in Mailman prior to 2.0.12. Theissue allows remote attackers to execute script as other users by crafting a subscriber’s list subscription options in the ml-name feature via the (1) adminpw or (2) info parameters. Connected advisories c...
CVE-2003-0038
CVE-2003-0038 describes a cross-site scripting (XSS) flaw in Mailman 2.1 (options.py) that allows an attacker to inject script or HTML into web pages via the (1) email or (2) language parameters. This is scored CVSS v2 base 4.3 (medium). Patch material is referenced (xss-2.1.0-patch.txt). Related...
CVE-2001-0884
CVE-2001-0884 is a cross-site scripting vulnerability in the Mailman email archiver prior to version 2.08. The issue allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users. The provided documents do not include remed...
CVE-2011-5024
CVE-2011-5024 describes an XSS in the mmsearch/design component of the Mailman/htdig integration, allowing remote injection of script/HTML via the config parameter. Connected sources confirm the vulnerability in GNU Mailman mmsearch/design and note affected software as Mailman, with root cause a ...
CVE-2001-0290
Mailman 2.0.1 and earlier contain a vulnerability that allows list administrators to obtain user passwords. The available sources confirm the affected product/version and the impact on confidentiality, but do not provide the underlying root cause specifics or a remediation fix/version. No exploit...
CVE-2002-0388
CVE-2002-0388 affects Mailman releases prior to 2.0.11, enabling remote XSS via the admin login page or Pipermail index summaries. The root cause is cross-site scripting in Mailman’s web interfaces. Public advisories and OpenVAS/Nessus entries corroborate a fix in 2.0.11 (debian/DSA-147-1/DSA-147...
CVE-2000-0861
CVE-2000-0861 affects Mailman 1.1. The vulnerability allows a list administrator to execute arbitrary commands by injecting shell metacharacters into the %(listname) macro expansion. The root cause is improper handling of the macro expansion, enabling command execution with LOCAL attack vector an...
CVE-2004-1143
The CVE-2004-1143 issue concerns Mailman prior to version 2.1.5, where auto-generated passwords are limited to about 5 million, enabling remote attackers to perform brute-force guessing of subscriber credentials. Remediation: upgrade to Mailman 2.1.5 or newer (as detailed in related advisories). ...