ListManager < 9.3b / 9.2c / 8.95d Multiple Vulnerabilities

medium Nessus Plugin ID 31134

Synopsis

The remote web server is affected by multiple vulnerabilities.

Description

The remote host is running ListManager, a web-based commercial mailing list management application from Lyris.

According to its banner, the version of ListManager installed on the remote host relies on client-side code to validate unspecified form parameters before processing them. Because only the client-side check is applied, it can be bypassed by submitting the modified request directly to the server. An attacker who is subscribed to a list managed by the affected application can reportedly leverage this issue to elevate their privileges to list administrator or to gain access to arbitrary mailing lists.

In addition, once administrative access has been obtained, another vulnerability in ListManager's administrative interface allows the creation of new accounts that collide with existing accounts, which overwrites data in those existing accounts.

Solution

Upgrade to ListManager 9.3b / 9.2c / 8.95d or later.
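The plugin decides purely from the version string in the banner, so the interesting part of the check is comparing ListManager's letter-suffixed versions (9.3 < 9.3a < 9.3b) against the fixed release of the matching branch. The Python below is an added example of that logic and is not the plugin's own NASL code. It assumes a banner of the form "ListManager Web Interface 9.2a" (the exact banner wording is an assumption) and, for versions on a branch the advisory does not name (for example 9.1), treats them as affected unless they are newer than the newest fixed release; that policy is also an assumption of this example, not something the advisory states.

```python
import re
from typing import NamedTuple, Optional, Tuple

# Fixed releases named in the advisory, one per maintained branch.
FIXED_VERSIONS = ("8.95d", "9.2c", "9.3b")


class Version(NamedTuple):
    major: int
    minor: int
    patch: str  # letter suffix; "" when absent, and "" sorts before "a"

    @property
    def branch(self) -> Tuple[int, int]:
        return (self.major, self.minor)


VERSION_RE = re.compile(r"^(\d+)\.(\d+)([a-z])?$")


def parse_version(text: str) -> Version:
    """Parse '9.3b' into Version(9, 3, 'b'); tuple ordering then gives 9.3 < 9.3a < 9.3b."""
    m = VERSION_RE.match(text.strip().lower())
    if not m:
        raise ValueError(f"unrecognised ListManager version: {text!r}")
    return Version(int(m.group(1)), int(m.group(2)), m.group(3) or "")


# Assumed banner format for this example, e.g. "ListManager Web Interface 9.2a".
BANNER_RE = re.compile(r"ListManager(?:\s+Web\s+Interface)?\s+(\d+\.\d+[a-z]?)", re.I)


def version_from_banner(banner: str) -> Optional[Version]:
    """Extract the version from a banner line, or None if it is not a ListManager banner."""
    m = BANNER_RE.search(banner)
    return parse_version(m.group(1)) if m else None


def is_affected(installed: Version) -> bool:
    """True when the installed version is below the fix for its branch.

    Versions on a branch without a listed fix are treated as affected unless
    they are newer than the newest fixed release (an assumption of this example).
    """
    fixes = [parse_version(v) for v in FIXED_VERSIONS]
    for fix in fixes:
        if installed.branch == fix.branch:
            return installed < fix
    return installed < max(fixes)


def check_banners(banners) -> dict:
    """Map each banner to 'affected', 'fixed' or 'not listmanager'."""
    result = {}
    for banner in banners:
        v = version_from_banner(banner)
        if v is None:
            result[banner] = "not listmanager"
        else:
            result[banner] = "affected" if is_affected(v) else "fixed"
    return result


if __name__ == "__main__":
    # Constructed sample banners; not captured from a real host.
    sample = [
        "Server: ListManager Web Interface 9.3a",
        "Server: ListManager Web Interface 9.3b",
        "Server: ListManager Web Interface 8.95c",
        "Server: nginx/1.18.0",
    ]
    for banner, verdict in check_banners(sample).items():
        print(f"{verdict:16} {banner}")
```

Because the verdict rests on the banner alone, treat a hit as a prompt to confirm the installed build rather than proof of exploitability: a host whose banner has been altered, or a vendor build with the fix applied under an unchanged version string, will be misreported either way.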

See Also

https://seclists.org/bugtraq/2008/Feb/294

Plugin Details

Severity: Medium

ID: 31134

File Name: listmanager_93b.nasl

Version: 1.12

Type: remote

Family: CGI abuses

Published: 2/22/2008

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2007-6319

BID: 26792

CWE: 264

Secunia: 29019