Lucene search

Veracode Vulnerability DatabaseVERACODE:11721

HistoryJan 15, 2019 - 9:06 a.m.

Insecure File Permissions

2019-01-1509:06:42

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

JSON

Mailman uses insecure file permissions. It was found that mailman stored private email messages in a world-readable directory. A local user could use this flaw to read private mailing list archives.

CPENameOperatorVersion
mailmaneq2.1.12__14.el6
mailmaneq2.1.12__17.el6
mailmaneq2.1.12__14.el6_0.2
mailmaneq2.1.12__18.el6

Name	Operator	Version
mailman	eq	2.1.12__14.el6
mailman	eq	2.1.12__17.el6
mailman	eq	2.1.12__14.el6_0.2
mailman	eq	2.1.12__18.el6

References

marc.info/?l=bugtraq&m=101902003314968&w=2

rhn.redhat.com/errata/RHSA-2015-1417.html

sourceforge.net/tracker/?func=detail&atid=100103&aid=474616&group_id=103

www.iss.net/security_center/static/8874.php

www.securityfocus.com/bid/4538

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=1008139

bugzilla.redhat.com/show_bug.cgi?id=1056366

bugzilla.redhat.com/show_bug.cgi?id=1095359

bugzilla.redhat.com/show_bug.cgi?id=745409

bugzilla.redhat.com/show_bug.cgi?id=765807

rhn.redhat.com/errata/RHSA-2015-1417.html

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

JSON

Related for VERACODE:11721