Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2005:235

The remote host is missing updates announced in
advisory RHSA-2005:235.

Mailman manages electronic mail discussion and e-newsletter lists.

A cross-site scripting (XSS) flaw in the driver script of mailman prior to
version 2.1.5 could allow remote attackers to execute scripts as other web
users. The Common Vulnerabilities and Exposures project (
has assigned the name CVE-2004-1177 to this issue.

Users of mailman should update to this erratum package, which corrects this
issue by turning on STEALTH_MODE by default and using Utils.websafe() to
quote the html.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : Medium

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2004-1177
Bugtraq: 20050110 [USN-59-1] mailman vulnerabilities (Google Search)
Debian Security Information: DSA-674 (Google Search)
SuSE Security Announcement: SUSE-SA:2005:007 (Google Search)
XForce ISS Database: mailman-script-driver-xss(18854)
CopyrightCopyright (c) 2005 E-Soft Inc.

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.