Mandrake Linux Security Advisory : mailman (MDKSA-2004:013)
Medium Nessus Plugin ID 14113
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionA cross-site scripting vulnerability was discovered in mailman's administration interface (CVE-2003-0965). This affects version 2.1 earlier than 2.1.4.
Certain malformed email commands could cause the mailman process to crash. (CVE-2003-0991). This affects version 2.0 earler than 2.0.14.
Another cross-site scripting vulnerability was found in mailman's 'create' CGI script (CVE-2003-0992). This affects version 2.1 earlier than 2.1.3.
SolutionUpdate the affected mailman package.