Family: Ubuntu Local Security Checks --> Category: infos
USN78-1 : mailman vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
The remote package "mailman" is missing a security patch.
An path traversal vulnerability has been discovered in the "private"
module of Mailman. A flawed path sanitation algorithm allowed the
construction of URLS to arbitrary files readable by Mailman. This
allowed a remote attacker to retrieve configuration and password
databases, private list archives, and other files.
Upgrade to :
- mailman-2.1.5-1ubuntu2.3 (Ubuntu 4.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.