Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:013: mailman Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the mailman package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:013 (mailman).
A cross-site scripting vulnerability was discovered in mailman's administration
interface (CVE-2003-0965). This affects version 2.1 earlier than 2.1.4.
Certain malformed email commands could cause the mailman process to crash.
(CVE-2003-0991). This affects version 2.0 earler than 2.0.14.
Another cross-site scripting vulnerability was found in mailman's 'create' CGI
script (CVE-2003-0992). This affects version 2.1 earlier than 2.1.3.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:013
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.