漏洞信息详情
GNU Mailman Pipermail Index Summary HTML注入漏洞
- CNNVD编号:CNNVD-200206-050
- 危害等级: 高危
- CVE编号: CVE-2002-0388
- 漏洞类型: 跨站脚本
- 发布时间: 2002-06-18
- 威胁类型: 远程
- 更新时间: 2009-07-21
- 厂 商: gnu
- 漏洞来源: Discovery of this ...
漏洞简介
Mailman before 2.0.11版本存在跨站脚本漏洞。远程攻击者借助1)admin登录页面,或者(2)Pipermail索引摘要执行脚本。
漏洞公告
Debian has released an advisory which addresses this issue. See the attached advisory for details on obtaining fixes. Upgrades are available: GNU Mailman 2.0.1
- GNU mailman-2.0.12.tgz http://prdownloads.sourceforge.net/mailman/mailman-2.0.12.tgz
- GNU mailman-2.0.12.tgz http://prdownloads.sourceforge.net/mailman/mailman-2.0.12.tgz
- GNU mailman-2.0.12.tgz http://prdownloads.sourceforge.net/mailman/mailman-2.0.12.tgz
- GNU mailman-2.0.12.tgz http://prdownloads.sourceforge.net/mailman/mailman-2.0.12.tgz
- GNU mailman-2.0.12.tgz http://prdownloads.sourceforge.net/mailman/mailman-2.0.12.tgz
- GNU mailman-2.0.12.tgz http://prdownloads.sourceforge.net/mailman/mailman-2.0.12.tgz
- GNU mailman-2.0.12.tgz http://prdownloads.sourceforge.net/mailman/mailman-2.0.12.tgz
- GNU mailman-2.0.12.tgz http://prdownloads.sourceforge.net/mailman/mailman-2.0.12.tgz
- Conectiva mailman-2.0.11-1U8_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/mailman-2.0.11-1U8_1cl.i386 .rpm
- Conectiva mailman-2.0.11-1U8_1cl.src.rpmSource RPM. ftp://atualizacoes.conectiva.com.br/8/SRPMS/mailman-2.0.11-1U8_1cl.src .rpm
- Conectiva mailman-2.0.11-2U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/mailman-2.0.11-2U60_1cl.i 386.rpm
- Conectiva mailman-2.0.11-2U60_1cl.src.rpmSource RPM. ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/mailman-2.0.11-2U60_1cl. src.rpm
- Conectiva mailman-2.0.11-2U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/mailman-2.0.11-2U70_1cl.i 386.rpm
- Conectiva mailman-2.0.11-2U70_1cl.src.rpmSource RPM. ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/mailman-2.0.11-2U70_1cl. src.rpm
- GNU mailman-2.0.12.tgz http://prdownloads.sourceforge.net/mailman/mailman-2.0.12.tgz
- Red Hat mailman-2.0.11-0.7.1.alpha.rpm ftp://updates.redhat.com/7.1/en/powertools/alpha/mailman-2.0.11-0.7.1. alpha.rpm
- Red Hat mailman-2.0.11-0.7.1.i386.rpm ftp://updates.redhat.com/7.1/en/powertools/i386/mailman-2.0.11-0.7.1.i 386.rpm
- Red Hat mailman-2.0.11-0.7.1.src.rpmSource RPM. ftp://updates.redhat.com/7.1/en/powertools/SRPMS/mailman-2.0.11-0.7.1. src.rpm
- Red Hat mailman-2.0.11-0.7.alpha.rpm ftp://updates.redhat.com/7.0/en/powertools/alpha/mailman-2.0.11-0.7.al pha.rpm
- Red Hat mailman-2.0.11-0.7.i386.rpm ftp://updates.redhat.com/7.0/en/powertools/i386/mailman-2.0.11-0.7.i38 6.rpm
- Red Hat mailman-2.0.11-0.7.src.rpmSource RPM. ftp://updates.redhat.com/7.0/en/powertools/SRPMS/mailman-2.0.11-0.7.sr c.rpm
- Red Hat mailman-2.0.11-1.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/mailman-2.0.11-1.i386.rpm
- Red Hat mailman-2.0.11-1.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/mailman-2.0.11-1.i386.rpm
- Red Hat mailman-2.0.11-1.ia64.rpm ftp://updates.redhat.com/7.2/en/os/ia64/mailman-2.0.11-1.ia64.rpm
- Red Hat mailman-2.0.11-1.src.rpmSource RPM. ftp://updates.redhat.com/7.2/en/os/SRPMS/mailman-2.0.11-1.src.rpm
- Red Hat mailman-2.0.11-1.src.rpmSource RPM. ftp://updates.redhat.com/7.3/en/os/SRPMS/mailman-2.0.11-1.src.rpm
- GNU mailman-2.0.12.tgz http://prdownloads.sourceforge.net/mailman/mailman-2.0.12.tgz
参考网址
来源: mail.python.org 链接:http://mail.python.org/pipermail/mailman-announce/2002-May/000042.HTML 来源: BID 名称: 4826 链接:http://www.securityfocus.com/bid/4826
受影响实体
- Gnu Mailman:2.0.11
- Gnu Mailman:2.0.11
补丁
暂无
特别声明
本站(ZONE.CI)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
评论