Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3636

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2006-3636
Last Modified 07 Mar 2011 09:39:08
Published 05 Sep 2006 08:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-3636

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Gnu Mailman 2.1

  • Gnu Mailman 2.1.1

  • Gnu Mailman 2.1.2

  • Gnu Mailman 2.1.3

  • Gnu Mailman 2.1.4

  • Gnu Mailman 2.1.5

  • Gnu Mailman 2.1.5.8

  • Gnu Mailman 2.1.6

  • Gnu Mailman 2.1.7

  • Gnu Mailman 2.1.8

  • Gnu Mailman 2.1b1


References

CONFIRM - http://sourceforge.net/project/shownotes.php?group_id=103&release_id=444295

SECUNIA - 21732

VUPEN - ADV-2006-3446

XF - mailman-unspecified-xss(28731)

UBUNTU - USN-345-1

BID - 20021

BID - 19831

BUGTRAQ - 20060913 Mailman 2.1.8 Multiple Security Issues

SUSE - SUSE-SR:2006:025

MANDRIVA - MDKSA-2006:165

DEBIAN - DSA-1188

SECTRACK - 1016808

GENTOO - GLSA-200609-12

SECUNIA - 22639

SECUNIA - 22227

SECUNIA - 22020

SECUNIA - 22011

SECUNIA - 21879

SECUNIA - 21792

REDHAT - RHSA-2006:0600

MISC - http://moritz-naumann.com/adv/0013/mailmanmulti/0013.txt

MLIST - [Mailman-Announce] 20060913 RELEASED: Mailman 2.1.9


Last Updated: 27 May 2016 10:43:05