Download
| Alert*
|
oval:org.secpod.oval:def:506053
Mailman is a program used to help manage e-mail discussion lists. Security Fix: * mailman: arbitrary content injection via the options login page * mailman: arbitrary content injection via the private archive login page For more details about the security issue, including the impact, a CVSS score, ... oval:org.secpod.oval:def:63498 mailman: Web-based mailing list manager Mailman could be made to inject arbitrary content in the login page if it received a specially crafted input. oval:org.secpod.oval:def:118511 Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from the ... oval:org.secpod.oval:def:89000573 This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug . - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion . Non-security issue fixed: - Fixed rights and ownership on /var/lib/mailman/archives . - Don"t defaul ... oval:org.secpod.oval:def:705467 mailman: Web-based mailing list manager Mailman could be made to inject arbitrary content in the login page if it received a specially crafted input. oval:org.secpod.oval:def:2106018 Oracle Solaris 11 - ( CVE-2020-12137 ) oval:org.secpod.oval:def:2500408 Mailman is a program used to help manage e-mail discussion lists. oval:org.secpod.oval:def:706201 mailman: Web-based mailing list manager Details: USN-5009-1 fixed vulnerabilities in Mailman. This update provides the corresponding updates for Ubuntu 20.04 LTS. In addition, the following CVEs were fixed: It was discovered that Mailman allows arbitrary content injection. An attacker could use this ... oval:org.secpod.oval:def:73601 Mailman is a program used to help manage e-mail discussion lists. Security Fix: * mailman: arbitrary content injection via the options login page * mailman: arbitrary content injection via the private archive login page For more details about the security issue, including the impact, a CVSS score, ... oval:org.secpod.oval:def:76357 mailman: Web-based mailing list manager Details: USN-5009-1 fixed vulnerabilities in Mailman. This update provides the corresponding updates for Linux Mint 20.x LTS. In addition, the following CVEs were fixed: It was discovered that Mailman allows arbitrary content injection. An attacker could use t ... oval:org.secpod.oval:def:75883 Several vulnerabilities were discovered in mailman, a web-based mailing list manager, which could result in arbitrary content injection via the options and private archive login pages, and CSRF attacks or privilege escalation via the user options page. oval:org.secpod.oval:def:1504903 [3:2.1.29-11] - Fixes for CVE-2020-12108 and CVE-2020-15011 oval:org.secpod.oval:def:605659 Several vulnerabilities were discovered in mailman, a web-based mailing list manager, which could result in arbitrary content injection via the options and private archive login pages, and CSRF attacks or privilege escalation via the user options page. oval:org.secpod.oval:def:4501255 Mailman is a program used to help manage e-mail discussion lists. Security Fix: * mailman: arbitrary content injection via the options login page * mailman: arbitrary content injection via the private archive login page For more details about the security issue, including the impact, a CVSS score, ... |
