User: Password:
Subscribe / Log in / New account

mailman: path traversal

Package(s):mailman CVE #(s):CAN-2005-0202
Created:February 9, 2005 Updated:July 13, 2005
Description: The "private" module in the mailman mailing list manager fails to sanitize path names adequately. An attacker could exploit this vulnerability to retrieve private information, including passwords and private list archives.

This vulnerability was used to compromise the Full-Disclosure list.

Fedora-Legacy FLSA:152895 mailman 2005-07-10
Ubuntu USN-78-2 mailman 2005-02-17
Debian DSA-674-3 mailman 2005-02-21
Mandrake MDKSA-2005:037 mailman 2005-02-14
Red Hat RHSA-2005:137-01 mailman 2005-02-15
SuSE SUSE-SA:2005:007 mailman 2005-02-14
Debian DSA-674-2 mailman 2005-02-11
Red Hat RHSA-2005:136-01 mailman 2005-02-10
Gentoo 200502-11 mailman 2005-02-10
Fedora FEDORA-2005-132 mailman 2005-02-10
Fedora FEDORA-2005-131 mailman 2005-02-10
Ubuntu USN-78-1 mailman 2005-02-09

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds