Family: Debian Local Security Checks --> Category: infos
[DSA1188] DSA-1188-1 mailman Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Several security-related problems have been discovered in mailman, the
web-based GNU mailing list manager. The Common Vulnerabilities and
Exposures project identifies the following problems:
Moritz Naumann discovered several cross-site scripting problems
that could allow remote attackers to inject arbitrary web script code
Moritz Naumann discovered that a remote attacker can inject
arbitrary strings into the logfile.
For the stable distribution (sarge) these problems have been fixed in
For the unstable distribution (sid) these problems have been fixed in
We recommend that you upgrade your mailman package.
Solution : http://www.debian.org/security/2006/dsa-1188
Threat Level: High