FreeBSD Local Security Checks : FreeBSD Ports: ja-mailman, mailman, mailman-with-htdig

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.60883

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: ja-mailman, mailman, mailman-with-htdig

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

ja-mailman
mailman
mailman-with-htdig

CVE-2008-0564
Multiple cross-site scripting (XSS) vulnerabilities in Mailman before
2.1.10b1 allow remote attackers to inject arbitrary web script or HTML
via unspecified vectors related to (1) editing templates and (2) the
list's 'info attribute' in the web administrator interface, a
different vulnerability than CVE-2006-3636.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-0564
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
BugTraq ID: 27630
http://www.securityfocus.com/bid/27630
Bugtraq: 20080215 rPSA-2008-0056-1 mailman (Google Search)
http://www.securityfocus.com/archive/1/488236/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00452.html
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:061
http://mail.python.org/pipermail/mailman-announce/2008-February/000096.html
http://www.redhat.com/support/errata/RHSA-2011-0307.html
http://secunia.com/advisories/28794
http://secunia.com/advisories/28916
http://secunia.com/advisories/28966
http://secunia.com/advisories/29249
http://secunia.com/advisories/29388
http://secunia.com/advisories/31687
http://secunia.com/advisories/43549
SuSE Security Announcement: SUSE-SR:2008:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://www.ubuntu.com/usn/usn-586-1
http://www.vupen.com/english/advisories/2008/0422
http://www.vupen.com/english/advisories/2011/0542

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60883
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: ja-mailman, mailman, mailman-with-htdig
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: ja-mailman mailman mailman-with-htdig CVE-2008-0564 Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.10b1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) editing templates and (2) the list's 'info attribute' in the web administrator interface, a different vulnerability than CVE-2006-3636. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0564 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html BugTraq ID: 27630 http://www.securityfocus.com/bid/27630 Bugtraq: 20080215 rPSA-2008-0056-1 mailman (Google Search) http://www.securityfocus.com/archive/1/488236/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00452.html http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:061 http://mail.python.org/pipermail/mailman-announce/2008-February/000096.html http://www.redhat.com/support/errata/RHSA-2011-0307.html http://secunia.com/advisories/28794 http://secunia.com/advisories/28916 http://secunia.com/advisories/28966 http://secunia.com/advisories/29249 http://secunia.com/advisories/29388 http://secunia.com/advisories/31687 http://secunia.com/advisories/43549 SuSE Security Announcement: SUSE-SR:2008:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://www.ubuntu.com/usn/usn-586-1 http://www.vupen.com/english/advisories/2008/0422 http://www.vupen.com/english/advisories/2011/0542
Copyright	Copyright (C) 2008 E-Soft Inc.