Búsqueda de    
Vulnerabilidad   
    Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.69062
Categoría:Mandrake Local Security Checks
Título:Mandriva Security Advisory MDVSA-2011:036 (mailman)
Resumen:NOSUMMARY
Descripción:Description:
The remote host is missing an update to mailman
announced via advisory MDVSA-2011:036.

A vulnerability has been found and corrected in mailman:

Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py
in GNU Mailman 2.1.14 and earlier allow remote attackers to inject
arbitrary web script or HTML via the (1) full name or (2) username
field in a confirmation message (CVE-2011-0707).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:036

Risk factor : Medium

CVSS Score:
4.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-0707
1025106
http://www.securitytracker.com/id?1025106
43294
http://secunia.com/advisories/43294
43389
http://secunia.com/advisories/43389
43425
http://secunia.com/advisories/43425
43549
http://secunia.com/advisories/43549
43580
http://secunia.com/advisories/43580
43829
http://secunia.com/advisories/43829
46464
http://www.securityfocus.com/bid/46464
70936
http://osvdb.org/70936
ADV-2011-0435
http://www.vupen.com/english/advisories/2011/0435
ADV-2011-0436
http://www.vupen.com/english/advisories/2011/0436
ADV-2011-0460
http://www.vupen.com/english/advisories/2011/0460
ADV-2011-0487
http://www.vupen.com/english/advisories/2011/0487
ADV-2011-0542
http://www.vupen.com/english/advisories/2011/0542
ADV-2011-0720
http://www.vupen.com/english/advisories/2011/0720
APPLE-SA-2011-10-12-3
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
DSA-2170
http://www.debian.org/security/2011/dsa-2170
FEDORA-2011-2030
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056399.html
FEDORA-2011-2102
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056387.html
FEDORA-2011-2125
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056363.html
MDVSA-2011:036
http://www.mandriva.com/security/advisories?name=MDVSA-2011:036
RHSA-2011:0307
http://www.redhat.com/support/errata/RHSA-2011-0307.html
RHSA-2011:0308
http://www.redhat.com/support/errata/RHSA-2011-0308.html
SUSE-SR:2011:009
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
USN-1069-1
http://www.ubuntu.com/usn/USN-1069-1
[mailman-announce] 20110213 Mailman Security Patch Announcement
http://mail.python.org/pipermail/mailman-announce/2011-February/000157.html
[mailman-announce] 20110218 Mailman Security Patch Announcement
http://mail.python.org/pipermail/mailman-announce/2011-February/000158.html
http://support.apple.com/kb/HT5002
mailman-fullname-xss(65538)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65538
openSUSE-SU-2011:0424
http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2025 E-Soft Inc. Todos los derechos reservados.