DebianDEBIAN:DLA-148-1:D7A57[SECURITY] [DLA 148-1] sympa security update
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
77.7%
Package : sympa
Version : 6.0.1+dfsg-4+squeeze3
CVE ID : CVE-2015-1306
A vulnerability has been discovered in the web interface of sympa, a
mailing list manager. An attacker could take advantage of this flaw in
the newsletter posting area, which allows sending to a list, or to
oneself, any file located on the server filesystem and readable by the
sympa user.
Attachment:
signature.asc
Description: Digital signature
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 7 | armel | sympa | < 6.1.11~dfsg-5+deb7u2 | sympa_6.1.11~dfsg-5+deb7u2_armel.deb |
| Debian | 7 | all | sympa | < 6.1.11~dfsg-5+deb7u2 | sympa_6.1.11~dfsg-5+deb7u2_all.deb |
| Debian | 7 | mips | sympa | < 6.1.11~dfsg-5+deb7u2 | sympa_6.1.11~dfsg-5+deb7u2_mips.deb |
| Debian | 7 | i386 | sympa | < 6.1.11~dfsg-5+deb7u2 | sympa_6.1.11~dfsg-5+deb7u2_i386.deb |
| Debian | 7 | sparc | sympa | < 6.1.11~dfsg-5+deb7u2 | sympa_6.1.11~dfsg-5+deb7u2_sparc.deb |
| Debian | 7 | kfreebsd-amd64 | sympa | < 6.1.11~dfsg-5+deb7u2 | sympa_6.1.11~dfsg-5+deb7u2_kfreebsd-amd64.deb |
| Debian | 7 | s390x | sympa | < 6.1.11~dfsg-5+deb7u2 | sympa_6.1.11~dfsg-5+deb7u2_s390x.deb |
| Debian | 6 | i386 | sympa | < 6.0.1+dfsg-4+squeeze3 | sympa_6.0.1+dfsg-4+squeeze3_i386.deb |
| Debian | 7 | ia64 | sympa | < 6.1.11~dfsg-5+deb7u2 | sympa_6.1.11~dfsg-5+deb7u2_ia64.deb |
| Debian | 7 | mipsel | sympa | < 6.1.11~dfsg-5+deb7u2 | sympa_6.1.11~dfsg-5+deb7u2_mipsel.deb |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
77.7%