Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 459
Alerts This Week
Warning Icon 1 459

Gentoo: GLSA-200609-12 Normal: Mailman DoS, Log Injection, XSS Risks

gentoo
Calendar Grey September 19, 2006
Dist Gentoo Esm H88
Mailservice on Gentoo has vulnerabilities leading to DoS, log tampering, and XSS. Update now to protect your environment. Learn additional details!
Mailman has multiple vulnerable that can result in Denial of Service, log file injection and XSS.

Summary

Gentoo Linux Security Advisory GLSA 200609-12 https://security.gentoo.org/ Severity: Normal Title: Mailman: Multiple vulnerabilities Date: September 19, 2006 Bugs: #139976 ID: 200609-12

Synopsis ======= Mailman has multiple vulnerable that can result in Denial of Service, log file injection and XSS.
Background ========= Mailman is a Python based mailing list server with an extensive web interface.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-mail/mailman < 2.1.9_rc1 >= 2.1.9_rc1
========== Mailman fails to properly handle standards-breaking RFC 2231 formatted headers. Furthermore, Moritz Naumann discovered several XSS vulnerabilities and a log file injec...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround