Mandriva Linux Security Advisory : sympa (MDVSA-2015:051)
Medium Nessus Plugin ID 81934
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated sympa packages fix security vulnerability :
A vulnerability have been discovered in Sympa web interface that allows access to files on the server filesystem. This breach allows to send to a list or a user any file readable by the Sympa user, located on the server filesystem, using the Sympa web interface newsletter posting area (CVE-2015-1306).
SolutionUpdate the affected sympa and / or sympa-www packages.