exploits , vulnerabilities , articles , GNU Mailman Create Script Unspecified Cross-Site Scripting Vulnerability

Title	GNU Mailman Create Script Unspecified Cross-Site Scripting Vulnerability
Published	2003-09-29-12:00AM
Updated	2004-05-25-10:00PM
Class	Input Validation Error
CVE	CAN-2003-0992
Remote	Yes
Local	No
Credit	This issue was disclosed by the vendor.
Vulnerable	GNU Mailman 2.1.1 RedHat Linux 7.3 RedHat Linux 7.3 i386 RedHat Linux 7.3 i686 RedHat Linux 9.0 i386 GNU Mailman 2.1 b1 GNU Mailman 2.1 GNU Mailman 2.0.13 RedHat Enterprise Linux AS 2.1 RedHat Enterprise Linux AS 2.1 IA64 RedHat Enterprise Linux ES 2.1 RedHat Enterprise Linux ES 2.1 IA64 RedHat Enterprise Linux WS 2.1 RedHat Enterprise Linux WS 2.1 IA64 GNU Mailman 2.0.12 GNU Mailman 2.0.11 Debian Linux 3.0 GNU Mailman 2.0.10 GNU Mailman 2.0.9 GNU Mailman 2.0.8 Conectiva Linux 5.0 Conectiva Linux 5.1 Conectiva Linux 6.0 Conectiva Linux 7.0 Conectiva Linux 8.0 RedHat Linux 7.2 i386 RedHat Linux 7.2 ia64 RedHat Linux 7.3 i386 RedHat PowerTools 7.0 RedHat PowerTools 7.1 GNU Mailman 2.0.7 GNU Mailman 2.0.6 GNU Mailman 2.0.5 Conectiva Linux 4.1 Conectiva Linux 4.2 Conectiva Linux 5.0 Conectiva Linux 5.1 Conectiva Linux 6.0 Conectiva Linux 7.0 Debian Linux 2.2 Debian Linux 2.2 68k Debian Linux 2.2 alpha Debian Linux 2.2 arm Debian Linux 2.2 powerpc Debian Linux 2.2 sparc FreeBSD FreeBSD 4.3 HP HPUX 10.20 HP HPUX 11.0 HP HPUX 11.11 MandrakeSoft Linux Mandrake 7.1 MandrakeSoft Linux Mandrake 7.2 MandrakeSoft Linux Mandrake 8.0 NetBSD NetBSD 1.5.1 NetBSD NetBSD 1.5.2 OpenBSD OpenBSD 2.7 OpenBSD OpenBSD 2.8 OpenBSD OpenBSD 2.9 RedHat Linux 7.0 RedHat Linux 7.1 S.u.S.E. Linux 7.0 S.u.S.E. Linux 7.1 S.u.S.E. Linux 7.2 Slackware Linux 7.0 Slackware Linux 7.1 Slackware Linux 8.0 Sun Solaris 2.6 Sun Solaris 7.0 Sun Solaris 8.0 GNU Mailman 2.0.4 GNU Mailman 2.0.4 GNU Mailman 2.0.3 GNU Mailman 2.0.2 GNU Mailman 2.0.1 GNU Mailman 2.0 beta5 RedHat Secure Web Server 3.2 i386 GNU Mailman 2.0 beta4 BSDI BSD/OS 4.0 Conectiva Linux 4.1 Conectiva Linux 4.2 Conectiva Linux 5.0 Conectiva Linux 5.1 Debian Linux 2.1 Debian Linux 2.2 Digital UNIX 4.0 FreeBSD FreeBSD 3.5 FreeBSD FreeBSD 4.0 FreeBSD FreeBSD 5.0 HP HPUX 10.20 HP HPUX 11.0 IBM AIX 4.3 MandrakeSoft Linux Mandrake 7.0 MandrakeSoft Linux Mandrake 7.1 NetBSD NetBSD 1.4.1 x86 NetBSD NetBSD 1.4.2 x86 RedHat Secure Web Server 3.0 i386 RedHat Secure Web Server 3.1 alpha RedHat Secure Web Server 3.1 i386 RedHat Secure Web Server 3.1 sparc RedHat Secure Web Server 3.2 i386 SGI IRIX 6.5 Sun Solaris 7.0 Sun Solaris 8.0 GNU Mailman 2.0 beta3 BSDI BSD/OS 4.0 Conectiva Linux 4.1 Conectiva Linux 4.2 Conectiva Linux 5.0 Conectiva Linux 5.1 Debian Linux 2.1 Debian Linux 2.2 Digital UNIX 4.0 FreeBSD FreeBSD 3.5 FreeBSD FreeBSD 4.0 FreeBSD FreeBSD 5.0 HP HPUX 10.20 HP HPUX 11.0 IBM AIX 4.3 MandrakeSoft Linux Mandrake 7.0 MandrakeSoft Linux Mandrake 7.1 NetBSD NetBSD 1.4.1 x86 NetBSD NetBSD 1.4.2 x86 RedHat Secure Web Server 3.0 i386 RedHat Secure Web Server 3.1 alpha RedHat Secure Web Server 3.1 i386 RedHat Secure Web Server 3.1 sparc RedHat Secure Web Server 3.2 i386 SGI IRIX 6.5 Sun Solaris 7.0 Sun Solaris 8.0 GNU Mailman 2.0 .8 RedHat Secure Web Server 3.2 i386 GNU Mailman 2.0 .7 GNU Mailman 2.0 .6 RedHat Linux 7.2 i386 GNU Mailman 2.0 .5 GNU Mailman 2.0 .3 GNU Mailman 2.0 .2 GNU Mailman 2.0 .1 GNU Mailman 2.0 GNU Mailman 1.1 Debian Linux 2.2 Debian Linux 2.2 68k Debian Linux 2.2 alpha Debian Linux 2.2 arm Debian Linux 2.2 IA32 Debian Linux 2.2 powerpc Debian Linux 2.2 sparc GNU Mailman 1.0 Debian Linux 2.1
Not Vulnerable	GNU Mailman 2.1.3
Code	No exploit is required.
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-18 Drupal Contact and Menu Modules Multiple HTML Injection Vulnerabilities
• 2009-12-18 Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
• 2009-12-18 Mozilla Firefox CVE-2009-3982 JavaScript Engine Multiple Remote Memory Corruption Vulnerabilities
• 2009-12-17 Zen Cart Insecure File and Programs Information Disclosure and Database Deletion Vulnerability
• 2009-12-17 Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities
• 2009-12-17 Winamp JPEG and PNG Multiple Integer Overflow Vulnerabilities
• 2009-12-17 HP OpenView Storage Data Protector Stack Buffer Overflow Vulnerability
• 2009-12-17 IBM WebSphere Application Server Feature Pack for CEA Spoofing Vulnerability
• 2009-12-17 Digital Scribe Cross Site Scripting and SQL Injection Vulnerabilities
• 2009-12-17 WP-Forum WordPress Plugin Multiple SQL Injection Vulnerabilities

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Fri, 18 Dec 2009 18:54:45 +0000