2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
Mailman uses insecure file permissions. It was found that mailman stored private email messages in a world-readable directory. A local user could use this flaw to read private mailing list archives.
CPE | Name | Operator | Version |
---|---|---|---|
mailman | eq | 2.1.12__14.el6 | |
mailman | eq | 2.1.12__17.el6 | |
mailman | eq | 2.1.12__14.el6_0.2 | |
mailman | eq | 2.1.12__18.el6 |
marc.info/?l=bugtraq&m=101902003314968&w=2
rhn.redhat.com/errata/RHSA-2015-1417.html
sourceforge.net/tracker/?func=detail&atid=100103&aid=474616&group_id=103
www.iss.net/security_center/static/8874.php
www.securityfocus.com/bid/4538
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1008139
bugzilla.redhat.com/show_bug.cgi?id=1056366
bugzilla.redhat.com/show_bug.cgi?id=1095359
bugzilla.redhat.com/show_bug.cgi?id=745409
bugzilla.redhat.com/show_bug.cgi?id=765807
rhn.redhat.com/errata/RHSA-2015-1417.html