RSS   Vulnerabilities for 'Mailman webmail'   RSS

2002-08-12
 
CVE-2002-0417

 

 
Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the ALTERNATE_TEMPLATES parameter for various mmstdo*.cgi programs.

 
2001-02-16
 
CVE-2001-0021

 

 
MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate_template parameter.

 
1999-12-02
 
CVE-1999-0850

 

 
The default permissions for Endymion MailMan allow local users to read email or modify files.

 

 >>> Vendor: Endymion 2 Products
Mailman webmail
Sake mail


Copyright 2024, cxsecurity.com

 

Back to Top