Vulnerabilities > GNU > Mailman > 2.1

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-1143 Unspecified vulnerability in GNU Mailman
The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.
network
low complexity
gnu
7.5
7.5
2004-08-18 CVE-2004-0412 Password Retrieval vulnerability in GNU Mailman
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
network
low complexity
gnu
5.0
5.0
2004-03-03 CVE-2003-0991 Remote Denial Of Service vulnerability in GNU Mailman Malformed Message
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
network
low complexity
gnu sgi
5.0
5.0
2004-02-17 CVE-2003-0992 Unspecified vulnerability in GNU Mailman
Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users.
network
gnu
4.3
4.3
2004-02-17 CVE-2003-0965 Cross-Site Scripting vulnerability in GNU Mailman Admin Page
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.
network
gnu
6.8
6.8
2003-02-07 CVE-2003-0038 Cross-Site Scripting vulnerability in GNU Mailman 2.1
Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters.
network
gnu
4.3
4.3