Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 14844

Summary: net-mail/mailman
Product: Gentoo Linux Reporter: Daniel Ahlberg (RETIRED) <aliz>
Component: New packagesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: critical CC: grandmasterlinux
Priority: Highest    
Version: 1.0   
Hardware: x86   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Daniel Ahlberg (RETIRED) gentoo-dev 2003-01-31 08:04:36 UTC 
Mailman: cross-site scripting bug 
 
From:  
<webmaster@procheckup.com> 
 
 
To:  
bugtraq@securityfocus.com 
 
 
Date:  
2003-01-24 15.35 
 
 
Product: Mailman 
Affected Version: 2.1 not other version has been tested 
Vendor's URL: http://www.gnu.org/software/mailman/ 
Solution: TBC 
Author: Manuel Rodriguez 
 
Introduction: 
------------ 
Mailman is software to help manage electronic mail discussion lists, much  
like Majordomo or Smartmail.  And Mailman have web interface systems. 
 
 
Example: 
----------------- 
This is a simple example for version 2.1: 
 
1) With mailman options the email variable is vulnerable to cross-site  
scripting. 
 
You can recognise the vulnerabilities with this type of URL: 
 
https://www.yourserver.com:443/mailman/options/yourlist? 
language=en&email=&lt;SCRIPT&gt;alert('Can%20Cross%20Site%20Attack')&lt;/SCRIPT&gt;  
and that prove that any (malicious) script code is possible on web  
interface part of Mailman. 
 
2) The default error page mailman generates does not adequately filter its  
input making it susceptible to cross-site scripting. 
 
https://www.yourserver.com:443//mailman/options/yourlist? 
language=&lt;SCRIPT&gt;alert('Can%20Cross%20Site%20Attack')&lt;/SCRIPT&gt;
Comment 1 Daniel Ahlberg (RETIRED) gentoo-dev 2003-02-17 04:12:51 UTC 
glsa sent