Sympa <= 5.4.3 sympa.pl Local File Overwrite
Medium Nessus Network Monitor Plugin ID 4626
SynopsisThe remote host is vulnerable to a local flaw in an application that handles local files.
DescriptionThe remote host is running Sympa, an open-source mailing list software application.
This version of Sympa is vulnerable to a flaw due to the way that sympa.pl creates files when the '--make_alias_file' option is used. An attacker exploiting this flaw would need local access. Successful exploitation would result in the attacker overwriting local files which the Sympa application had permissions on.
SolutionUpgrade to a version higher than 5.4.3.