Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0564

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-0564
Last Modified 17 Mar 2011 10:18:54
Published 04 Feb 2008 09:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0564

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.10b1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) editing templates and (2) the list's "info attribute" in the web administrator interface, a different vulnerability than CVE-2006-3636.

Vulnerable Systems

Application

  • Mailman 2.1.10b


References

VUPEN - ADV-2011-0542

VUPEN - ADV-2008-0422

REDHAT - RHSA-2011:0307

CONFIRM - http://support.apple.com/kb/HT4077

SECUNIA - 43549

SECUNIA - 31687

MLIST - [Mailman-Announce] 20080203 Mailman 2.1.10b3 Released (was: Re: Mailman 2.1.10b1 Released)

SUSE - SUSE-SR:2008:017

APPLE - APPLE-SA-2010-03-29-1

FEDORA - FEDORA-2008-1334

CONFIRM - https://issues.rpath.com/browse/RPL-2207

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=431526

UBUNTU - USN-586-1

BID - 27630

BUGTRAQ - 20080215 rPSA-2008-0056-1 mailman

MANDRIVA - MDVSA-2008:061

CONFIRM - http://wiki.rpath.com/Advisories:rPSA-2008-0056

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=559308&group_id=103

SECUNIA - 29388

SECUNIA - 29249

SECUNIA - 28966

SECUNIA - 28916

SECUNIA - 28794

Related Patches

Red Hat 2011:0307-01 RHSA Moderate: mailman security update for RHEL 5 x86


Last Updated: 27 May 2016 10:46:51