Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2006:165: mailman Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the mailman package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2006:165 (mailman).

A flaw was discovered in how Mailman handles MIME multipart messages
where a possible hacker could send a carefully-crafted MIME multipart
message to a Mailman-run mailing list causing that mailing list to
stop working (CVE-2006-2941).
As well, a number of XSS (cross-site scripting) issues were discovered
that could be exploited to perform XSS attacks against the Mailman
administrator (CVE-2006-3636).
Finally, a CRLF injection vulnerability allows remote attackers to
spoof messages in the error log (CVE-2006-4624).
Updated packages have been patched to address these issues.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.