Lucene search
GoogleOSV:DSA-3134-1HistoryJan 20, 2015 - 12:00 a.m.
sympa - security update
2015-01-2000:00:00
Google
osv.dev
9
EPSS
0.005
Percentile
77.7%
A vulnerability has been discovered in the web interface of sympa, a
mailing list manager. An attacker could take advantage of this flaw in
the newsletter posting area, which allows sending to a list, or to
oneself, any file located on the server filesystem and readable by the
sympa user.
For the stable distribution (wheezy), this problem has been fixed in
version 6.1.11~dfsg-5+deb7u2.
For the upcoming stable distribution (jessie), this problem will be
fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 6.1.23~dfsg-2.
We recommend that you upgrade your sympa packages.
References
Related
nessus
nessus
Debian DSA-3134-1 : sympa - security update
2015-01-21 00:00:00
FreeBSD : sympa -- Remote attackers can read arbitrary files (451a6c79-c92b-11e4-a835-000c292ee6b8)
2015-03-13 00:00:00
Mandriva Linux Security Advisory : sympa (MDVSA-2015:051)
2015-03-19 00:00:00
debian
debian
[SECURITY] [DLA 148-1] sympa security update
2015-02-07 10:54:01
cve
cve
CVE-2015-1306
2015-01-22 15:59:00
ubuntucve
ubuntucve
CVE-2015-1306
2015-01-22 00:00:00
debiancve
debiancve
CVE-2015-1306
2015-01-22 15:59:00
prion
prion
Design/Logic Flaw
2015-01-22 15:59:00
openvas
openvas
Debian: Security Advisory (DSA-3134-1)
2015-01-19 00:00:00
Debian Security Advisory DSA 3134-1 (sympa - security update)
2015-01-20 00:00:00
Debian: Security Advisory (DLA-148-1)
2023-03-08 00:00:00
cvelist
cvelist
CVE-2015-1306
2015-01-22 15:00:00
securityvulns
securityvulns
[ MDVSA-2015:051 ] sympa
2015-03-23 00:00:00
nvd
nvd
CVE-2015-1306
2015-01-22 15:59:00
freebsd
freebsd
sympa -- Remote attackers can read arbitrary files
2015-01-13 00:00:00
mageia
mageia
Updated sympa packages fix CVE-2015-1306
2015-02-26 11:26:53