Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN78-2 : mailman vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
mailman vulnerabilities

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote package "mailman" is missing a security patch.

Description :

Ubuntu Security Announce USN-78-1 described a path traversal
vulnerability in the "private" module of Mailman. Unfortunately this
updated mailman package was broken so that the "private" module could
not be executed at all any more. The latest package version fixes

We apologize for the inconvenience.

For reference, this is the description of the original USN:

An path traversal vulnerability has been discovered in the "private"
module of Mailman. A flawed path sanitation algorithm allowed the
construction of URLS to arbitrary files readable by Mailman. This
allowed a remote attacker to retrieve configuration and password
databases, private list archives, and other files.

Solution :

Upgrade to :
- mailman-2.1.5-1ubuntu2.4 (Ubuntu 4.10)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.