|
Family: Debian Local Security Checks --> Category: infos
[DSA436] DSA-436-1 mailman Vulnerability Scan
Vulnerability Scan Summary DSA-436-1 mailman
Detailed Explanation for this Vulnerability Test
Several vulnerabilities have been fixed in the mailman package:
The cross-site scripting vulnerabilities could allow a possible hacker to
perform administrative operations without authorization, by stealing a
session cookie.
For the current stable distribution (woody) these problems have been
fixed in version 2.0.11-1woody7.
For the unstable distribution (sid),
CVE-2003-0965 is fixed in version 2.1.4-1, and
CVE-2003-0038 in version 2.1.1-1.
CVE-2003-0991 will be fixed soon.
We recommend that you update your mailman package.
Solution : http://www.debian.org/security/2004/dsa-436
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|