Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.60465
Category:Mandrake Local Security Checks
Title:Mandrake Security Advisory MDVSA-2008:061 (mailman)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to mailman
announced via advisory MDVSA-2008:061.

Multiple cross-site scripting (XSS) vulnerabilities were found in
Mailman prior to version 2.1.10b1, which allow remote attackers to
inject arbitrary web script or HTML via edting templates and the
list's info attribute in the web administrator interface.

The updated packages have been patched to correct these issues.

Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:061

Risk factor : Medium

CVSS Score:
4.3

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-0564
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
BugTraq ID: 27630
http://www.securityfocus.com/bid/27630
Bugtraq: 20080215 rPSA-2008-0056-1 mailman (Google Search)
http://www.securityfocus.com/archive/1/488236/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00452.html
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:061
http://mail.python.org/pipermail/mailman-announce/2008-February/000096.html
http://www.redhat.com/support/errata/RHSA-2011-0307.html
http://secunia.com/advisories/28794
http://secunia.com/advisories/28916
http://secunia.com/advisories/28966
http://secunia.com/advisories/29249
http://secunia.com/advisories/29388
http://secunia.com/advisories/31687
http://secunia.com/advisories/43549
SuSE Security Announcement: SUSE-SR:2008:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://www.ubuntu.com/usn/usn-586-1
http://www.vupen.com/english/advisories/2008/0422
http://www.vupen.com/english/advisories/2011/0542
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.