Paketname
mailman
Datum
2005-02-14
Advisory ID
MDKSA-2005:037
Betroffene Versionen
CS2.1 x86_64 , 10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , CS2.1 i586 , 10.1 x86_64

Problembeschreibung

A vulnerability was discovered in Mailman, which allows a remote directory traversal exploit using URLs of the form ".../....///" to access private Mailman configuration data. The vulnerability lies in the Mailman/Cgi/private.py file. Updated packages correct this issue.

Aktualisierte Pakete

CS2.1 x86_64

 eb01c4300056aec9ed25b79906ba564a  x86_64/corporate/2.1/RPMS/mailman-2.0.14-1.3.C21mdk.i586.rpm
f5bdc329649f114e49d8346406a34957  x86_64/corporate/2.1/SRPMS/mailman-2.0.14-1.3.C21mdk.src.rpm

10.0 amd64

 7b2ba12c273fd6f39b2a98a533fe1029  amd64/10.0/RPMS/mailman-2.1.4-2.3.100mdk.amd64.rpm
6e1afd0483efcc74c780dd2a7533263a  amd64/10.0/SRPMS/mailman-2.1.4-2.3.100mdk.src.rpm

10.1 i586

 d2382f8a1d35bbf90ac29729d67f5508  10.1/RPMS/mailman-2.1.5-7.3.101mdk.i586.rpm
8db653937cb2b97d7ab637b1e573c212  10.1/SRPMS/mailman-2.1.5-7.3.101mdk.src.rpm

10.0 i586

 2962bcf8974ad0f4f0e47fa957a8a276  10.0/RPMS/mailman-2.1.4-2.3.100mdk.i586.rpm
6e1afd0483efcc74c780dd2a7533263a  10.0/SRPMS/mailman-2.1.4-2.3.100mdk.src.rpm

CS3.0 x86_64

 5c8a3cb930e10b38fbd8639ca942f329  x86_64/corporate/3.0/RPMS/mailman-2.1.4-2.3.C30mdk.x86_64.rpm
d2642df15ee5a3e0bf965cf23563157c  x86_64/corporate/3.0/SRPMS/mailman-2.1.4-2.3.C30mdk.src.rpm

CS3.0 i586

 e6df81bf7b44a9a02a9fc44910be76b0  corporate/3.0/RPMS/mailman-2.1.4-2.3.C30mdk.i586.rpm
d2642df15ee5a3e0bf965cf23563157c  corporate/3.0/SRPMS/mailman-2.1.4-2.3.C30mdk.src.rpm

CS2.1 i586

 eb01c4300056aec9ed25b79906ba564a  corporate/2.1/RPMS/mailman-2.0.14-1.3.C21mdk.i586.rpm
f5bdc329649f114e49d8346406a34957  corporate/2.1/SRPMS/mailman-2.0.14-1.3.C21mdk.src.rpm

10.1 x86_64

 d4e2e15b0e16b4cb4db4e31c01ea71a9  x86_64/10.1/RPMS/mailman-2.1.5-7.3.101mdk.x86_64.rpm
8db653937cb2b97d7ab637b1e573c212  x86_64/10.1/SRPMS/mailman-2.1.5-7.3.101mdk.src.rpm

Referenzen