Test ID:	1.3.6.1.4.1.25623.1.0.53340
Category:	Debian Local Security Checks
Title:	Debian Security Advisory DSA 271-1 (ecartis, listar)
Summary:	The remote host is missing an update to ecartis, listar;announced via advisory DSA 271-1.
Description:	Summary: The remote host is missing an update to ecartis, listar announced via advisory DSA 271-1. Vulnerability Insight: A problem has been discovered in ecartis, a mailing list manager, formerly known as listar. This vulnerability enables an attacker to reset the password of any user defined on the list server, including the list admins. For the stable distribution (woody) this problem has been fixed in version 0.129a+1.0.0-snap20020514-1.1 of ecartis. For the old stable distribution (potato) this problem has been fixed in version 0.129a-2.potato3 of listar. For the unstable distribution (sid) this problem has been fixed in version 1.0.0+cvs.20030321-1 of ecartis. Solution: We recommend that you upgrade your ecartis and listar packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0162 BugTraq ID: 6971 http://www.securityfocus.com/bid/6971 Bugtraq: 20030227 Ecardis Password Reseting Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=104636153214262&w=2 Bugtraq: 20030303 Re: Ecardis Password Reseting Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=104673407728323&w=2 Debian Security Information: DSA-271 (Google Search) http://www.debian.org/security/2003/dsa-271 XForce ISS Database: ecartis-password-reset(11431) https://exchange.xforce.ibmcloud.com/vulnerabilities/11431
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.