CVE-2004-1177 - Unspecified vulnerability in GNU Mailman
Attack vector | NETWORK |
Attack complexity | MEDIUM |
Privileges required | NONE |
Confidentiality impact | NONE |
Integrity impact | PARTIAL |
Availability impact | NONE |
Summary
Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page.
Vulnerable Configurations
Nessus
NASL family | Debian Local Security Checks |
NASL id | DEBIAN_DSA-674.NASL |
description | Due to an incompatibility between Python 1.5 and 2.1 the last mailman update did not run with Python 1.5 anymore. This problem is corrected with this update. This advisory only updates the packages updated with DSA 674-2. The version in unstable is not affected since it is not supposed to work with Python 1.5 anymore. For completeness below is the original advisory text : Two security related problems have been discovered in mailman, web-based GNU mailing list manager. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2004-1177 Florian Weimer discovered a cross-site scripting vulnerability in mailman |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 16348 |
published | 2005-02-10 |
reporter | This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/16348 |
title | Debian DSA-674-3 : mailman - XSS, directory traversal |

NASL family | Mandriva Local Security Checks |
NASL id | MANDRAKE_MDKSA-2005-015.NASL |
description | Florian Weimer discovered a vulnerability in Mailman, which can be exploited by malicious people to conduct cross-site scripting attacks. Input is not properly sanitised by |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 16243 |
published | 2005-01-25 |
reporter | This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/16243 |
title | Mandrake Linux Security Advisory : mailman (MDKSA-2005:015) |

NASL family | Red Hat Local Security Checks |
NASL id | REDHAT-RHSA-2005-235.NASL |
description | An updated mailman package that corrects a cross-site scripting flaw is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Mailman manages electronic mail discussion and e-newsletter lists. A cross-site scripting (XSS) flaw in the driver script of mailman prior to version 2.1.5 could allow remote attackers to execute scripts as other web users. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1177 to this issue. Users of mailman should update to this erratum package, which corrects this issue by turning on STEALTH_MODE by default and using Utils.websafe() to quote the html. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 17589 |
published | 2005-03-21 |
reporter | This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/17589 |
title | RHEL 3 / 4 : mailman (RHSA-2005:235) |

NASL family | Fedora Local Security Checks |
NASL id | FEDORA_2005-241.NASL |
description | A cross-site scripting (XSS) flaw in the driver script of mailman prior to version 2.1.5 could allow remote attackers to execute scripts as other web users. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1177 to this issue. Users of mailman should update to this erratum package, which corrects this issue by turning on STEALTH_MODE by default and using Utils.websafe() to quote the html. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18318 |
published | 2005-05-19 |
reporter | This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18318 |
title | Fedora Core 2 : mailman-2.1.5-10.fc2 (2005-241) |

NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200501-29.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200501-29 (Mailman: XSS vulnerability) Florian Weimer has discovered a cross-site scripting vulnerability in the error messages that are produced by Mailman. Impact : By enticing a user to visit a specially crafted URL, an attacker can execute arbitrary script code running in the context of the victim |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 16420 |
published | 2005-02-14 |
reporter | This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/16420 |
title | GLSA-200501-29 : Mailman: XSS vulnerability |

NASL family | Fedora Local Security Checks |
NASL id | FEDORA_2005-242.NASL |
description | A cross-site scripting (XSS) flaw in the driver script of mailman prior to version 2.1.5 could allow remote attackers to execute scripts as other web users. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1177 to this issue. Users of mailman should update to this erratum package, which corrects this issue by turning on STEALTH_MODE by default and using Utils.websafe() to quote the html. In addition this version of the rpm includes a utility script in /usr/share/doc/mailman-*/contrib/migrate-fhs that can be run if the user has installed an FC3 or FC4 mailman rpm over an older non-FHS compliant mailman installation. The script will aid in moving the file locations from the old directory structure to the new FHS mailman directory structure that are present in FC3, FC4, and RHEL4. Users who have installed mailman originally from FC3, FC4 or RHEL4 will not need to migrate any file locations. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 19630 |
published | 2005-09-12 |
reporter | This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/19630 |
title | Fedora Core 3 : mailman-2.1.5-32.fc3 (2005-242) |

NASL family | SuSE Local Security Checks |
NASL id | SUSE_SA_2005_007.NASL |
description | The remote host is missing the patch for the advisory SUSE-SA:2005:007 (mailman). Mailman is a flexible mailing list management tool. It provides mail controlled subscription front ends and also includes CGI scripts to handle subscription, moderation and archive retrieval and other options. Due to incomplete input validation the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 16454 |
published | 2005-02-14 |
reporter | This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/16454 |
title | SUSE-SA:2005:007: mailman |

NASL family | Ubuntu Local Security Checks |
NASL id | UBUNTU_USN-59-1.NASL |
description | Florian Weimer discovered a cross-site scripting vulnerability in mailman |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 20677 |
published | 2006-01-15 |
reporter | Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/20677 |
title | Ubuntu 4.10 : mailman vulnerabilities (USN-59-1) |
Oval
accepted | 2013-04-29T04:11:35.986-04:00 |
class | vulnerability |
contributors |
definition_extensions |
description | Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. |
family | unix |
id | oval:org.mitre.oval:def:11113 |
status | accepted |
submitted | 2010-07-09T03:56:16-04:00 |
title | Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. |
version | 26 |
Statements
contributor | Mark J Cox |
lastmodified | 2006-08-30 |
organization | Red Hat |
statement | This issue did not affect the versions of mailman shipped with Red Hat Enterprise Linux 2.1, 3, or 4. In addition, we believe this issue does not apply to the 2.0.x versions of mailman due to setting of STEALTH_MODE |
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=287555
- http://marc.info/?l=bugtraq&m=110549296126351&w=2
- http://secunia.com/advisories/13603
- http://www.debian.org/security/2005/dsa-674
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:015
- http://www.novell.com/linux/security/advisories/2005_07_mailman.html
- http://www.redhat.com/support/errata/RHSA-2005-235.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18854
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11113