Download
| Alert*
oval:org.secpod.oval:def:1503608
An updated mailman package that fixes multiple security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ava ... oval:org.secpod.oval:def:600168 Two cross site scripting vulnerabilities were been discovered in Mailman, a web-based mailing list manager. These allowed an attacker to retrieve session cookies via inserting crafted JavaScript into confirmation messages and in the list admin interface . oval:org.secpod.oval:def:500142 Mailman is a program used to help manage email discussion lists. Multiple input sanitization flaws were found in the way Mailman displayed usernames of subscribed users on certain pages. If a user who is subscribed to a mailing list were able to trick a victim into visiting one of those pages, they ... oval:org.secpod.oval:def:500265 Mailman is a program used to help manage email discussion lists. Multiple input sanitization flaws were found in the way Mailman displayed usernames of subscribed users on certain pages. If a user who is subscribed to a mailing list were able to trick a victim into visiting one of those pages, they ... oval:org.secpod.oval:def:200242 Mailman is a program used to help manage email discussion lists. Multiple input sanitization flaws were found in the way Mailman displayed usernames of subscribed users on certain pages. If a user who is subscribed to a mailing list were able to trick a victim into visiting one of those pages, they ... oval:org.secpod.oval:def:202870 Mailman is a program used to help manage email discussion lists. Multiple input sanitization flaws were found in the way Mailman displayed usernames of subscribed users on certain pages. If a user who is subscribed to a mailing list were able to trick a victim into visiting one of those pages, they ... oval:org.secpod.oval:def:201654 Mailman is a program used to help manage email discussion lists. Multiple input sanitization flaws were found in the way Mailman displayed usernames of subscribed users on certain pages. If a user who is subscribed to a mailing list were able to trick a victim into visiting one of those pages, they ... oval:org.secpod.oval:def:202862 Mailman is a program used to help manage email discussion lists. Multiple input sanitization flaws were found in the way Mailman displayed usernames of subscribed users on certain pages. If a user who is subscribed to a mailing list were able to trick a victim into visiting one of those pages, they ... oval:org.secpod.oval:def:101310 Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from the ... oval:org.secpod.oval:def:101311 Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from the ... oval:org.secpod.oval:def:700238 It was discovered that Mailman did not properly sanitize certain fields, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify th ... oval:org.secpod.oval:def:3031 The host is installed with GNU Mailman before 2.1.14rc1 and is prone to multiple cross site scripting vulnerabilities. A flaw is present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to inject arbitrary script. oval:org.secpod.oval:def:300307 Multiple vulnerabilities has been found and corrected in mailman: Multiple cross-site scripting vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving the list information field or the list description field . ... oval:org.secpod.oval:def:100660 Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from the ... oval:org.secpod.oval:def:100184 Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from the ... oval:org.secpod.oval:def:3050 The host is missing an important security update according to, APPLE-SA-2011-03-21-1. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fail to sanitize user supplied input. Successful exploitation could allow attackers to e ... |