what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

CVE-2020-10936

Related Files

Debian Security Advisory 4818-1

Posted Dec 28, 2020

Authored by Debian | Site debian.org

Debian Linux Security Advisory 4818-1 - Several vulnerabilities were discovered in Sympa, a mailing list manager, which could result in local privilege escalation, denial of service or unauthorized access via the SOAP API.

tags | advisory, denial of service, local, vulnerability

systems | linux, debian

advisories | CVE-2020-10936, CVE-2020-26932, CVE-2020-29668, CVE-2020-9369

SHA-256 | b5e2af845768d3755cb9be263eef29650e1f5a4b75aef651239c12da54242c22

Download | Favorite | View

Ubuntu Security Notice USN-4442-1

Posted Jul 29, 2020

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4442-1 - Michael Kaczmarczik discovered that Sympa incorrectly handled HTTP GET/POST requests. An attacker could possibly use this issue to insert, edit or obtain sensitive information. It was discovered that Sympa incorrectly handled URL parameters. An attacker could possibly use this issue to perform XSS attacks. Nicolas Chatelain discovered that Sympa incorrectly handled environment variables. An attacker could possibly use this issue with a setuid binary and gain root privileges. Various other issues were also addressed.

tags | advisory, web, root

systems | linux, ubuntu

advisories | CVE-2018-1000550, CVE-2018-1000671, CVE-2020-10936

SHA-256 | 7020185eae4c1a4feb195064dd4e42bd3d4a8eca72224fca58383c0be086b058

Download | Favorite | View