CVE-2001-1132

critical

Description

Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/7091

http://www.osvdb.org/5455

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000420

Details

Source: Mitre, NVD

Published: 2001-09-05

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00856

Detections

Analytics