FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mailman -- directory traversal vulnerability

Affected packages
ja-mailman < 2.1.5_2
mailman < 2.1.5_2

Details

VuXML ID c7ccc33f-7d31-11d9-a9e7-0001020eed82
Discovery 2005-01-02
Entry 2005-02-12

A directory traversal vulnerability in mailman allow remote attackers to read arbitrary files due to inadequate input sanitizing. This could, among other things, lead remote attackers to gaining access to the mailman configuration database (which contains subscriber email addresses and passwords) or to the mail archives for private lists.

References

CVE Name CVE-2005-0202
Message 20050209181502.GA26136@grok.org.uk

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.