
Test ID: 1.3.6.1.4.1.25623.1.0.831339
Category: Mandrake Local Security Checks
Title: Mandriva Update for mailman MDVSA-2011:036 (mailman)
Summary: The remote host is missing an update for the 'mailman' package(s) announced via the referenced advisory.
Description:
Summary:
The remote host is missing an update for the 'mailman'
package(s) announced via the referenced advisory.

Vulnerability Insight:
A vulnerability has been found and corrected in mailman:

Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py
in GNU Mailman 2.1.14 and earlier allow remote attackers to inject
arbitrary web script or HTML via the (1) full name or (2) username
field in a confirmation message (CVE-2011-0707).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. The updated packages have been patched to correct this issue.

Affected Software/OS:
mailman on Mandriva Linux 2009.0,
Mandriva Linux 2009.0/X86_64,
Mandriva Linux 2010.0,
Mandriva Linux 2010.0/X86_64,
Mandriva Linux 2010.1,
Mandriva Linux 2010.1/X86_64,
Mandriva Enterprise Server 5,
Mandriva Enterprise Server 5/X86_64

Solution:
Please install the updated packages.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2011-0707
1025106
http://www.securitytracker.com/id?1025106
43294
http://secunia.com/advisories/43294
43389
http://secunia.com/advisories/43389
43425
http://secunia.com/advisories/43425
43549
http://secunia.com/advisories/43549
43580
http://secunia.com/advisories/43580
43829
http://secunia.com/advisories/43829
46464
http://www.securityfocus.com/bid/46464
70936
http://osvdb.org/70936
ADV-2011-0435
http://www.vupen.com/english/advisories/2011/0435
ADV-2011-0436
http://www.vupen.com/english/advisories/2011/0436
ADV-2011-0460
http://www.vupen.com/english/advisories/2011/0460
ADV-2011-0487
http://www.vupen.com/english/advisories/2011/0487
ADV-2011-0542
http://www.vupen.com/english/advisories/2011/0542
ADV-2011-0720
http://www.vupen.com/english/advisories/2011/0720
APPLE-SA-2011-10-12-3
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
DSA-2170
http://www.debian.org/security/2011/dsa-2170
FEDORA-2011-2030
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056399.html
FEDORA-2011-2102
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056387.html
FEDORA-2011-2125
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056363.html
MDVSA-2011:036
http://www.mandriva.com/security/advisories?name=MDVSA-2011:036
RHSA-2011:0307
http://www.redhat.com/support/errata/RHSA-2011-0307.html
RHSA-2011:0308
http://www.redhat.com/support/errata/RHSA-2011-0308.html
SUSE-SR:2011:009
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
USN-1069-1
http://www.ubuntu.com/usn/USN-1069-1
[mailman-announce] 20110213 Mailman Security Patch Announcement
http://mail.python.org/pipermail/mailman-announce/2011-February/000157.html
[mailman-announce] 20110218 Mailman Security Patch Announcement
http://mail.python.org/pipermail/mailman-announce/2011-February/000158.html
http://support.apple.com/kb/HT5002
mailman-fullname-xss(65538)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65538
openSUSE-SU-2011:0424
http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html
Copyright: Copyright (C) 2011 Greenbone AG
