exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Secunia Security Advisory 21879

Secunia Security Advisory 21879
Posted Sep 13, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for mailman. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability, xss
systems | linux, ubuntu
SHA-256 | 8302385a700fa7cd9e434645dfd16f69cd3a7ba34a8d5affebe28d8cb28ca120
Download | Favorite | View

Secunia Security Advisory 21879

Change Mirror Download


----------------------------------------------------------------------

Want to work within IT-Security?

Secunia is expanding its team of highly skilled security experts.
We will help with relocation and obtaining a work permit.

Currently the following type of positions are available:
http://secunia.com/quality_assurance_analyst/
http://secunia.com/web_application_security_specialist/ 
http://secunia.com/hardcore_disassembler_and_reverse_engineer/

----------------------------------------------------------------------

TITLE:
Ubuntu update for mailman

SECUNIA ADVISORY ID:
SA21879

VERIFY ADVISORY:
http://secunia.com/advisories/21879/

CRITICAL:
Moderately critical

IMPACT:
Cross Site Scripting, Spoofing, DoS

WHERE:
>From remote

OPERATING SYSTEM:
Ubuntu Linux 5.04
http://secunia.com/product/5036/
Ubuntu Linux 5.10
http://secunia.com/product/6606/
Ubuntu Linux 6.06
http://secunia.com/product/10611/

DESCRIPTION:
Ubuntu has issued an update for mailman. This fixes some
vulnerabilities, which can be exploited by malicious people to
conduct cross-site scripting and phishing attacks, and cause a DoS
(Denial of Service).

For more information:
SA21732

SOLUTION:
Apply updated packages.

-- Ubuntu 5.04 --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.3.diff.gz
Size/MD5: 122672 040be0e94a3463829deda6255b81914c
http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.3.dsc
Size/MD5: 669 6533900d800881c5e5e97661592fe9b1
http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5.orig.tar.gz
Size/MD5: 5745912 f5f56f04747cd4aff67427e7a45631af

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.3_amd64.deb
Size/MD5: 6610396 9e485ddc61fea15ffaacebeb176bc924

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.3_i386.deb
Size/MD5: 6610126 7a76e92c25d14c439141c243f807ac59

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.3_powerpc.deb
Size/MD5: 6617368 a0c258a612fc19b87f756dfd1b2f5604

-- Ubuntu 5.10 --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.3.diff.gz
Size/MD5: 124569 edd592fdc5d979588cfa307d80f389ee
http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.3.dsc
Size/MD5: 626 52ca3b4a7132ed400701b33a9d1fa07c
http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5.orig.tar.gz
Size/MD5: 5745912 f5f56f04747cd4aff67427e7a45631af

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.3_amd64.deb
Size/MD5: 6611062 4808daed20ff5871d0878041dc65c278

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.3_i386.deb
Size/MD5: 6610402 bae1a8798cc5518e204ac418d4108330

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.3_powerpc.deb
Size/MD5: 6617772 c397e9d02be876896f4c519da2965dce

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.3_sparc.deb
Size/MD5: 6616692 9714c5ffcedced686d5d2224f373f63a

-- Ubuntu 6.06 LTS --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-9ubuntu4.1.diff.gz
Size/MD5: 228878 efe29915311336eea806f75a489ae876
http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-9ubuntu4.1.dsc
Size/MD5: 628 61d4ee8cb059d6073c845c63ab9428a3
http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5.orig.tar.gz
Size/MD5: 5745912 f5f56f04747cd4aff67427e7a45631af

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-9ubuntu4.1_amd64.deb
Size/MD5: 6612630 20c59f9de0ad456f476d9222deaf232f

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-9ubuntu4.1_i386.deb
Size/MD5: 6612422 b22f69ab0ad00a70cc4cf9526521ae02

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-9ubuntu4.1_powerpc.deb
Size/MD5: 6620218 57752d37e3514f437bfbddd458203306

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-9ubuntu4.1_sparc.deb
Size/MD5: 6618874 870ca284b9c208a8937ef2890506a93c

ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/usn-345-1

OTHER REFERENCES:
SA21732:
http://secunia.com/advisories/21732/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close