Family: Debian Local Security Checks --> Category: infos
[DSA094] DSA-094-1 mailman Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Barry A. Warsaw reported several cross-site scripting security holes
in Mailman, due to non-existent escaping of CGI variables.
These have been fixed upstream in version 2.0.8, and the relevant
patches have been backported to version 1.1-10 in Debian.
Solution : http://www.debian.org/security/2001/dsa-094
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.