Sympa < 4.1.2 wwsympa.fcgi List Master Authentication Bypass
Medium Nessus Network Monitor Plugin ID 2118
SynopsisThe remote host is vulnerable to a flaw that allows for the bypassing of authentication.
DescriptionThe remote host is running wwsympa.fcgi, a web interface for the Sympa mailing list manager. It is reported that this version of Sympa may permit an attacker to bypass the list master authentication in order to create unauthorized mailing list.
SolutionUpgrade to version 4.1.2 or higher.