icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Sympa < 4.1.2 List Creation Authentication Bypass

Medium

Synopsis

The remote host is running wwsympa.fcgi, a web interface for the Sympa mailing list manager.

Description

The remote host is running wwsympa.fcgi, a web interface for the Sympa mailing list manager. It is reported that this version of Sympa may permit an attacker to bypass the list master authentication in order to create unauthorized mailing list.

Solution

Upgrade to version 4.1.2 or higher.