SecurityTracker.com
SecurityTracker
Archives

Category: Application (E-mail Server) > Mailman
Vendors: GNU [multiple authors]
Mailman Input Validation Hole in 'private.py' Discloses Files to Remote Users
SecurityTracker Alert ID: 1013145
SecurityTracker URL: http://securitytracker.com/id/1013145
CVE Reference: CVE-2005-0202
Date: Feb 10 2005
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 2.1 - 2.1.5
Description: An input validation vulnerability was reported in Mailman in 'private.py'. A remote user can access arbitrary files on the target system.

The true_path() function does not properly validate user-supplied input. A remote user who is a member of a private Mailman list can submit a specially crafted input value to access files on the system, including the Mailman configuration files and passwords.

A demonstration exploit may contain the following string:

"/...../"

Marcus Meissner reported this flaw.
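Added example, not Mailman's own code: a hardened version of the kind of check true_path() is meant to provide, which confines a requested archive path to the list's archive directory and rejects dot-only path segments such as the '/...../' string quoted above. The archive root, list name and function name are assumptions; the sample requests are constructed.

```python
import os
import posixpath

# Hypothetical archive root; this page does not give Mailman's real location.
ARCHIVE_ROOT = "/var/lib/mailman/archives/private"


def is_dot_only_segment(segment):
    """True for path segments made solely of dots, e.g. '..', '...', '.....'.

    A lone '.' is harmless, '..' is classic traversal, and longer runs of
    dots (the '/...../' string quoted in the advisory) are rejected too,
    rather than trusting a later component to interpret them safely.
    """
    return len(segment) > 1 and segment.strip(".") == ""


def true_path_hardened(listname, user_path, root=ARCHIVE_ROOT):
    """Return the absolute file path under root/listname, or None if
    user_path would escape that directory.

    user_path is the URL remainder after /mailman/private/<listname>/.
    This is an added illustration of the checks such a function needs,
    not the vulnerable true_path() from private.py.
    """
    # Reject traversal-looking segments before touching the filesystem.
    if any(is_dot_only_segment(s) for s in user_path.split("/")):
        return None
    # Collapse '//' and '.' with POSIX rules (it is a URL path), drop leading '/'.
    normalized = posixpath.normpath("/" + user_path).lstrip("/")
    list_root = os.path.realpath(os.path.join(root, listname))
    candidate = os.path.realpath(os.path.join(list_root, normalized))
    # Containment check after symlink resolution: the result must stay
    # inside this list's archive directory.
    if os.path.commonpath([list_root, candidate]) != list_root:
        return None
    return candidate


if __name__ == "__main__":
    # Constructed sample requests: one legitimate archive page, two traversal attempts.
    for req in ("2005-February/000001.html", "../../etc/passwd", "...../etc/passwd"):
        result = true_path_hardened("mylist", req)
        print("%-28s -> %s" % (req, result if result else "REJECTED"))
```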

Impact: A remote user can access arbitrary files on the target system, including the Mailman configuration files with user e-mail addresses and passwords.
Solution: Version 2.1.6 is not vulnerable.

For prior 2.1.x versions, the vendor has issued a patch, available at:

http://mailman.sourceforge.net/CVE-2005-0202.txt

Vendor URL: mailman.sf.net/
Cause: Input validation error
Underlying OS: Linux (Any), UNIX (Any)

Message History: This archive entry has one or more follow-up message(s) listed below.
Feb 10 2005 (Red Hat Issues Fix) Mailman Input Validation Hole in 'private.py' Discloses Files to Remote Users
Red Hat has released a fix.
Feb 10 2005 (Gentoo Issues Fix) Mailman Input Validation Hole in 'private.py' Discloses Files to Remote Users
Gentoo has released a fix.
Feb 11 2005 (Debian Issues Fix) Mailman Input Validation Hole in 'private.py' Discloses Files to Remote Users
Debian has released a fix.
Feb 15 2005 (SuSE Issues Fix) Mailman Input Validation Hole in 'private.py' Discloses Files to Remote Users
SuSE has issued a fix.
Feb 15 2005 (Red Hat Issues Fix) Mailman Input Validation Hole in 'private.py' Discloses Files to Remote Users
Red Hat has released a fix.
Feb 16 2005 (Mandrake Issues Fix) Mailman Input Validation Hole in 'private.py' Discloses Files to Remote Users
Mandrake has released a fix.
Feb 22 2005 (Debian Issues Fix) Mailman Input Validation Hole in 'private.py' Discloses Files to Remote Users
Debian has released a fix.
Mar 22 2005 (Apple Issues Fix for OS X) Mailman Input Validation Hole in 'private.py' Discloses Files to Remote Users
Apple has issued a fix for Mac OS X.

Source Message Contents

[Original Message Not Available for Viewing]

Copyright 2021, SecurityGlobal.net LLC