Debian: mailman Password leak vulnerability
A flaw in Mailman 2.1.* allows a remote attacker to retrieve the mailman password of any subscriber by sending a carefully crafted email request to the mailman server.
A flaw in Mailman 2.1.* allows a remote attacker to retrieve the mailman password of any subscriber by sending a carefully crafted email request to the mailman server.
Updated libxml2 packages that fix an overflow when parsing remote resources are now available.
This vulnerability could potentially be exploited by a local user to execute arbitrary code with root privileges.
Updated cvs packages that fix remote denial of service vulnerabilities are now available. (This is a legacy Red Hat fix, released by the Fedora Project).
An attacker could create a carefully crafted directory on a websitesuch that, if a user connects to that directory using the lftp clientand subsequently issues a ‘ls’ or ‘rels’ command, the attacker couldexecute arbitrary code on the users machine.
58 queries. 8.75 mb Memory usage. 1.670 seconds.