Test ID:	1.3.6.1.4.1.25623.1.0.68277
Category:	Mandrake Local Security Checks
Title:	Mandriva Security Advisory MDVSA-2010:191 (mailman)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to mailman announced via advisory MDVSA-2010:191. Multiple vulnerabilities has been found and corrected in mailman: Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) the list information field or (2) the list description field (CVE-2010-3089). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:191 Risk factor : Medium CVSS Score: 3.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3089 41265 http://secunia.com/advisories/41265 42502 http://secunia.com/advisories/42502 43294 http://secunia.com/advisories/43294 43425 http://secunia.com/advisories/43425 43549 http://secunia.com/advisories/43549 43580 http://secunia.com/advisories/43580 ADV-2010-3271 http://www.vupen.com/english/advisories/2010/3271 ADV-2011-0436 http://www.vupen.com/english/advisories/2011/0436 ADV-2011-0460 http://www.vupen.com/english/advisories/2011/0460 ADV-2011-0542 http://www.vupen.com/english/advisories/2011/0542 APPLE-SA-2011-03-21-1 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html DSA-2170 http://www.debian.org/security/2011/dsa-2170 FEDORA-2010-14834 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052312.html FEDORA-2010-14877 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052297.html RHSA-2011:0307 http://www.redhat.com/support/errata/RHSA-2011-0307.html RHSA-2011:0308 http://www.redhat.com/support/errata/RHSA-2011-0308.html SUSE-SR:2011:009 http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html USN-1069-1 http://www.ubuntu.com/usn/USN-1069-1 [mailman-announce] 20100905 Mailman security patch. http://mail.python.org/pipermail/mailman-announce/2010-September/000150.html [mailman-announce] 20100909 Mailman security patch. http://mail.python.org/pipermail/mailman-announce/2010-September/000151.html [oss-security] 20100913 CVE Request: mailman http://marc.info/?l=oss-security&m=128438736513097&w=2 [oss-security] 20100913 Re: CVE Request: mailman http://marc.info/?l=oss-security&m=128440851513718&w=2 http://marc.info/?l=oss-security&m=128441135117819&w=2 http://marc.info/?l=oss-security&m=128441237618793&w=2 http://marc.info/?l=oss-security&m=128441369020123&w=2 http://support.apple.com/kb/HT4581 https://bugzilla.redhat.com/show_bug.cgi?id=631859 https://bugzilla.redhat.com/show_bug.cgi?id=631881 https://launchpad.net/mailman/+milestone/2.1.14rc1 openSUSE-SU-2011:0424 http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.