Bug 14844 - net-mail/mailman
Summary: net-mail/mailman
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: x86 Linux
Importance: Highest critical
Assignee: Gentoo Security
 
Reported: 2003-01-31 08:04 UTC by Daniel Ahlberg (RETIRED)
Modified: 2003-02-17 04:12 UTC

Description Daniel Ahlberg (RETIRED) gentoo-dev 2003-01-31 08:04:36 UTC
Mailman: cross-site scripting bug

From: <webmaster@procheckup.com>
To: bugtraq@securityfocus.com
Date: 2003-01-24 15.35

Product: Mailman
Affected Version: 2.1 (no other version has been tested)
Vendor's URL: http://www.gnu.org/software/mailman/
Solution: TBC
Author: Manuel Rodriguez
 
Introduction: 
------------ 
Mailman is software to help manage electronic mail discussion lists, much
like Majordomo or Smartmail. Mailman also has a web interface.
 
 
Example: 
----------------- 
This is a simple example for version 2.1: 
 
1) In the Mailman options page, the email variable is vulnerable to cross-site
scripting.
 
You can recognise the vulnerabilities with this type of URL: 
 
https://www.yourserver.com:443/mailman/options/yourlist?language=en&email=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>

and that proves that any (malicious) script code is possible on the web
interface part of Mailman.
 
2) The default error page Mailman generates does not adequately filter its
input, making it susceptible to cross-site scripting.

https://www.yourserver.com:443//mailman/options/yourlist?language=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>
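Both probes in the advisory exercise the same defect class: a CGI page that writes a query parameter straight back into its HTML. What follows is an added example, not code from the advisory, from Mailman, or from this bug's reporter. It is a hypothetical options-page handler that reproduces the unescaped reflection beside an escaped version, plus the check a tester would run over a captured response body to tell the two apart. The function names, the page text and the query strings are constructed for illustration, and `html.escape` stands in for whatever output-escaping routine a real fix would use.

```python
# Added example (not Mailman's code): reflected XSS in a CGI handler that
# echoes query parameters, next to the escaped version. All names are
# illustrative; the query strings mirror the two URLs in the advisory.
from html import escape
from urllib.parse import parse_qs

# The advisory's probe as it looks once the query string is URL-decoded
# (%20 becomes a space). This is the string a browser would execute.
PROBE = "<SCRIPT>alert('Can Cross Site Attack')</SCRIPT>"


def parse_options_query(query_string):
    """Return the 'language' and 'email' parameters, defaulting to ''."""
    params = parse_qs(query_string, keep_blank_values=True)
    return {
        "language": params.get("language", [""])[0],
        "email": params.get("email", [""])[0],
    }


def render_vulnerable(query_string):
    """Hypothetical error page that interpolates user input raw.

    This reproduces the defect class the advisory describes (both the
    'email' and the 'language' parameter land in the page unescaped).
    Do not copy it.
    """
    p = parse_options_query(query_string)
    return ("<html><body><p>No such member: %s</p>"
            "<p>Unknown language: %s</p></body></html>"
            % (p["email"], p["language"]))


def render_fixed(query_string):
    """Same page with every untrusted value HTML-escaped at the point of output.

    quote=True also neutralises ' and ", so the value is safe inside an
    attribute as well as inside element text.
    """
    p = parse_options_query(query_string)
    email = escape(p["email"], quote=True)
    language = escape(p["language"], quote=True)
    return ("<html><body><p>No such member: %s</p>"
            "<p>Unknown language: %s</p></body></html>"
            % (email, language))


def reflects_unescaped(body, marker=PROBE):
    """Check to run over a captured response body.

    Returns True if the probe came back byte-for-byte, which is exactly the
    condition under which the browser would run it.
    """
    return marker in body


if __name__ == "__main__":
    # Constructed query strings: the two URLs from the advisory, after the '?'.
    for qs in (
        "language=en&email=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>",
        "language=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>",
    ):
        print("query:     ", qs)
        print("vulnerable:", reflects_unescaped(render_vulnerable(qs)))
        print("fixed:     ", reflects_unescaped(render_fixed(qs)))
```

The check is deliberately the weakest useful one: it only confirms that the exact probe came back unchanged, so a page that mangles the payload without escaping it will read as clean and needs a second look by eye. Escaping at the point of output, as `render_fixed` does, closes the hole whichever parameter carries the payload; filtering only the `email` input on the way in would have left the `language` path in the second probe untouched.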
Comment 1 Daniel Ahlberg (RETIRED) gentoo-dev 2003-02-17 04:12:51 UTC
glsa sent