MDKSA-2000:030

Package name

mailman

Date

2000-08-02

Advisory ID

MDKSA-2000:030

Affected versions

6.1 i586 , 6.0 i586 , 7.0 i586 , 7.1 i586

Problem description

The wrapper program supplied with the mailman package has a format bug which could be exploited to obtain the privileges of the mailman user which has read and write access to all files mailman uses. This vulnerability can only be exploited by root users with shell access. Linux-Mandrake does not ship with the mailman package and is therefore not vulnerable to this exploit.

Updated packages

6.1 i586

 na 6.1/RPMS/na

6.0 i586

 na 6.0/RPMS/na

7.0 i586

 na 7.0/RPMS/na

7.1 i586

 na 7.1/RPMS/na