Mageia: 2019-0263 Moderate: Sympa File Modification Flaw

mageia

September 12, 2019

Updated sympa packages fix security vulnerability: Michael Kaczmarczik discovered a vulnerability in the web interface template editing function of Sympa, a mailing list manager

Summary

Updated sympa packages fix security vulnerability:
Michael Kaczmarczik discovered a vulnerability in the web interface template editing function of Sympa, a mailing list manager. Owner and listmasters could use this flaw to create or modify arbitrary files in the server with privileges of sympa user or owner view list config files even if edit_list.conf prohibits it (CVE-2018-1000550).

References

- https://bugs.mageia.org/show_bug.cgi?id=23536

- https://www.sympa.community/security/2018-001.html

- https://lists.debian.org/debian-security-announce/2018/msg00215.html

- https://www.cve.org/CVERecord?id=CVE-CCVE-2018-1000550

Topics Covered

security advisory remote access sympa file modification Mageia

Resolution

SRPMS

- 6/core/sympa-6.2.16-1.1.mga6

Publication date: 12 Sep 2019

URL: https://advisories.mageia.org/MGASA-2019-0263.html

Type: security

CVE: CCVE-2018-1000550

Topics Covered

security advisory remote access sympa file modification Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia: 2019-0263 Moderate: Sympa File Modification Flaw

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia: 2019-0263 Moderate: Sympa File Modification Flaw

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!