ID CVE-2006-2191
Summary ** DISPUTED ** Format string vulnerability in Mailman before 2.1.9 allows attackers to execute arbitrary code via unspecified vectors. NOTE: the vendor has disputed this vulnerability, stating that it is "unexploitable."
References
Vulnerable Configurations
  • GNU Mailman 2.1.8
    cpe:2.3:a:gnu:mailman:2.1.8
CVSS
Base: 7.5 (as of 22-09-2006 - 01:43)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MAILMAN-2170.NASL
    description This update of mailman fixes the following security issues:
      - A malicious user could visit a specially crafted URI and inject an apparent log message into Mailman's error log which might induce an unsuspecting administrator to visit a phishing site. This has been blocked. Thanks to Moritz Naumann for its discovery.
      - Fixed denial of service attack which can be caused by some standards-breaking RFC 2231 formatted headers. CVE-2006-2941.
      - Several cross-site scripting issues have been fixed. Thanks to Moritz Naumann for their discovery. CVE-2006-3636
      - Fixed an unexploitable format string vulnerability. Discovery and fix by Karl Chen. Analysis of non-exploitability by Martin 'Joey' Schulze. Also thanks go to Lionel Elie Mamane. CVE-2006-2191.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27344
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27344
    title openSUSE 10 Security Update : mailman (mailman-2170)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MAILMAN-2174.NASL
    description This update of mailman fixes the following security issues:
      - A malicious user could visit a specially crafted URI and inject an apparent log message into Mailman's error log which might induce an unsuspecting administrator to visit a phishing site. This has been blocked. Thanks to Moritz Naumann for its discovery.
      - Fixed denial of service attack which can be caused by some standards-breaking RFC 2231 formatted headers. CVE-2006-2941.
      - Several cross-site scripting issues have been fixed. Thanks to Moritz Naumann for their discovery. CVE-2006-3636:
      - Fixed an unexploitable format string vulnerability. Discovery and fix by Karl Chen. Analysis of non-exploitability by Martin 'Joey' Schulze. Also thanks go to Lionel Elie Mamane. CVE-2006-2191.
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29519
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29519
    title SuSE 10 Security Update : mailman (ZYPP Patch Number 2174)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_11243.NASL
    description This update of mailman fixes the following security issues:
      - A malicious user could visit a specially crafted URI and inject an apparent log message into Mailman's error log which might induce an unsuspecting administrator to visit a phishing site. This has been blocked. Thanks to Moritz Naumann for its discovery.
      - Fixed denial of service attack which can be caused by some standards-breaking RFC 2231 formatted headers. CVE-2006-2941.
      - Several cross-site scripting issues have been fixed. Thanks to Moritz Naumann for their discovery. CVE-2006-3636
      - Fixed an unexploitable format string vulnerability. Discovery and fix by Karl Chen. Analysis of non-exploitability by Martin 'Joey' Schulze. Also thanks go to Lionel Elie Mamane. CVE-2006-2191.
    last seen 2019-02-21
    modified 2012-04-23
    plugin id 41102
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41102
    title SuSE9 Security Update : mailman (YOU Patch Number 11243)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_FFFA92573C1711DB86AB00123FFE8333.NASL
    description Secunia reports: Mailman can be exploited by malicious people to conduct cross-site scripting and phishing attacks, and cause a DoS (Denial of Service).
      1) An error in the logging functionality can be exploited to inject a spoofed log message into the error log via a specially crafted URL. Successful exploitation may trick an administrator into visiting a malicious website.
      2) An error in the processing of malformed headers which does not follow the RFC 2231 standard can be exploited to cause a DoS (Denial of Service).
      3) Some unspecified input isn't properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 22304
    published 2006-09-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22304
    title FreeBSD : mailman -- Multiple Vulnerabilities (fffa9257-3c17-11db-86ab-00123ffe8333)
refmap via4
mlist
  • [Mailman-Announce] 20060913 RELEASED: Mailman 2.1.9
  • [security] 20060906 Re: mailman 2.1.5-8sarge3: screwup between security and maintainer upload
secunia
  • 21732
  • 22639
suse SUSE-SR:2006:025
Last major update 30-08-2016 - 21:59
Published 19-09-2006 - 17:07