Mandrake Local Security Checks : Mandrake Security Advisory MDVSA-2008:061 (mailman)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.60465

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDVSA-2008:061 (mailman)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to mailman
announced via advisory MDVSA-2008:061.

Multiple cross-site scripting (XSS) vulnerabilities were found in
Mailman prior to version 2.1.10b1, which allow remote attackers to
inject arbitrary web script or HTML via edting templates and the
list's info attribute in the web administrator interface.

The updated packages have been patched to correct these issues.

Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:061

Risk factor : Medium

CVSS Score:
4.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-0564
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
BugTraq ID: 27630
http://www.securityfocus.com/bid/27630
Bugtraq: 20080215 rPSA-2008-0056-1 mailman (Google Search)
http://www.securityfocus.com/archive/1/488236/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00452.html
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:061
http://mail.python.org/pipermail/mailman-announce/2008-February/000096.html
http://www.redhat.com/support/errata/RHSA-2011-0307.html
http://secunia.com/advisories/28794
http://secunia.com/advisories/28916
http://secunia.com/advisories/28966
http://secunia.com/advisories/29249
http://secunia.com/advisories/29388
http://secunia.com/advisories/31687
http://secunia.com/advisories/43549
SuSE Security Announcement: SUSE-SR:2008:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://www.ubuntu.com/usn/usn-586-1
http://www.vupen.com/english/advisories/2008/0422
http://www.vupen.com/english/advisories/2011/0542

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60465
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:061 (mailman)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to mailman announced via advisory MDVSA-2008:061. Multiple cross-site scripting (XSS) vulnerabilities were found in Mailman prior to version 2.1.10b1, which allow remote attackers to inject arbitrary web script or HTML via edting templates and the list's info attribute in the web administrator interface. The updated packages have been patched to correct these issues. Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:061 Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0564 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html BugTraq ID: 27630 http://www.securityfocus.com/bid/27630 Bugtraq: 20080215 rPSA-2008-0056-1 mailman (Google Search) http://www.securityfocus.com/archive/1/488236/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00452.html http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:061 http://mail.python.org/pipermail/mailman-announce/2008-February/000096.html http://www.redhat.com/support/errata/RHSA-2011-0307.html http://secunia.com/advisories/28794 http://secunia.com/advisories/28916 http://secunia.com/advisories/28966 http://secunia.com/advisories/29249 http://secunia.com/advisories/29388 http://secunia.com/advisories/31687 http://secunia.com/advisories/43549 SuSE Security Announcement: SUSE-SR:2008:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://www.ubuntu.com/usn/usn-586-1 http://www.vupen.com/english/advisories/2008/0422 http://www.vupen.com/english/advisories/2011/0542
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com