Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-436
HistoryFeb 08, 2004 - 12:00 a.m.

mailman - several vulnerabilities

2004-02-0800:00:00
Google
osv.dev
15

0.02 Low

EPSS

Percentile

89.0%

JSON

Several vulnerabilities have been fixed in the mailman package:


  • CAN-2003-0038     - potential cross-site scripting via certain CGI
    parameters (not known to be exploitable in this version)

  • CAN-2003-0965     - cross-site scripting in the administrative
    interface

  • CAN-2003-0991     - certain malformed email commands could cause the mailman
    process to crash

The cross-site scripting vulnerabilities could allow an attacker to
perform administrative operations without authorization, by stealing a
session cookie.

For the current stable distribution (woody) these problems have been
fixed in version 2.0.11-1woody7.

For the unstable distribution (sid),

CAN-2003-0965 is fixed in version 2.1.4-1, and

CAN-2003-0038 in version 2.1.1-1.

CAN-2003-0991 will be fixed soon.

We recommend that you update your mailman package.

Related

nessus 10
openvas 10
debian 2
freebsd 3
debiancve 3
nvd 3
cvelist 3
cve 3
redhat 1
osv 1
github 1
suse 5
securityvulns 1
nessus
nessus
Debian DSA-436-1 : mailman - several vulnerabilities
2004-09-29 00:00:00
Mandrake Linux Security Advisory : mailman (MDKSA-2004:013)
2004-07-31 00:00:00
FreeBSD : mailman denial-of-service vulnerability in MailCommandHandler (b0e76877-67a8-11d8-80e3-0020ed76ef5a)
2009-04-23 00:00:00
openvas
openvas
Debian Security Advisory DSA 436-1 (mailman)
2008-01-17 00:00:00
Debian Security Advisory DSA 436-2 (mailman)
2008-01-17 00:00:00
Debian Security Advisory DSA 436-2 (mailman)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 436-2] New mailman packages fix bug introduced in DSA 436-1
2004-02-21 23:00:04
[SECURITY] [DSA 436-1] New mailman packages fix several vulnerabilities
2004-02-08 22:46:29
freebsd
freebsd
mailman XSS in admin script
2003-12-31 00:00:00
mailman XSS in user options page
2003-02-08 00:00:00
mailman denial-of-service vulnerability in MailCommandHandler
2003-11-18 00:00:00
debiancve
debiancve
CVE-2003-0965
2004-02-17 05:00:00
CVE-2003-0038
2003-02-07 05:00:00
CVE-2003-0991
2004-09-01 04:00:00
nvd
nvd
CVE-2003-0991
2004-03-03 05:00:00
CVE-2003-0965
2004-02-17 05:00:00
CVE-2003-0038
2003-02-07 05:00:00
cvelist
cvelist
CVE-2003-0038
2003-01-29 05:00:00
CVE-2003-0965
2004-01-15 05:00:00
CVE-2003-0991
2004-09-01 04:00:00
cve
cve
CVE-2003-0965
2004-02-17 05:00:00
CVE-2003-0991
2004-09-01 04:00:00
CVE-2003-0038
2003-02-07 05:00:00
redhat
redhat
(RHSA-2004:019) mailman security update
2004-02-09 00:00:00
osv
osv
Mailman Cross-site scripting (XSS) vulnerability
2022-04-29 01:25:43
github
github
Mailman Cross-site scripting (XSS) vulnerability
2022-04-29 01:25:43
suse
suse
remote denial-of-service in openssl
2004-03-17 13:37:40
local privilege escalation in xf86/XFree86
2004-02-23 16:37:48
local privilege escalation in Linux Kernel
2004-02-18 22:19:53
securityvulns
securityvulns
SUSE Security Announcement: cvs (SuSE-SA:2004:008)
2004-04-15 00:00:00

0.02 Low

EPSS

Percentile

89.0%

JSON
Related for OSV:DSA-436
nessus10openvas10debian2freebsd3debiancve3nvd3cvelist3cve3redhat1osv1github1suse5securityvulns1