CVE-2003-0965
CVSS 6.8
Published: 2004-02-17 00:00:00
Last revised: 2008-09-10 15:21:00

[Original] Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.


[CNNVD] GNU Mailman admin pages multiple cross-site scripting vulnerabilities (CNNVD-200402-079)

        
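        GNU Mailman is shareware written in Python that can be used to manage mailing lists.
        The GNU Mailman administration pages contain multiple cross-site scripting vulnerabilities; a remote attacker can exploit them to obtain the cookie information the administrator uses for authentication.
        No detailed vulnerability information is currently available.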
        

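- CVSS (base score)

CVSS score: 6.8 [MEDIUM]
Confidentiality impact: PARTIAL [information disclosure is likely]
Integrity impact: PARTIAL [system files may be modified]
Availability impact: PARTIAL [may degrade performance or interrupt access to resources]
Attack complexity: MEDIUM [exploitation requires certain access conditions]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]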

- CPE (affected platforms and products)

Product and version information (CPE) is not currently available

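- OVAL (technical details for detection)

oval:org.mitre.oval:def:813 Mailman Cross-site Scripting Vulnerability
*OVAL describes in detail how to detect this vulnerability; more technical detail on detection can be found in the related OVAL definition.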

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0965
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0965
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200402-079
(Official data source) CNNVD

- Other links and resources

http://www.redhat.com/support/errata/RHSA-2004-020.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2004:020
http://mail.python.org/pipermail/mailman-announce/2003-December/000066.html
(VENDOR_ADVISORY)  MLIST  [Mailman-Announce] 20031231 RELEASED Mailman 2.1.4
http://xforce.iss.net/xforce/xfdb/14121
(VENDOR_ADVISORY)  XF  mailman-admin-xss(14121)
http://www.securityfocus.com/bid/9336
(VENDOR_ADVISORY)  BID  9336
http://www.debian.org/security/2004/dsa-436
(UNKNOWN)  DEBIAN  DSA-436
http://www.osvdb.org/3305
(UNKNOWN)  OSVDB  3305
http://www.mandriva.com/security/advisories?name=MDKSA-2004:013
(UNKNOWN)  MANDRAKE  MDKSA-2004:013
http://secunia.com/advisories/10519
(UNKNOWN)  SECUNIA  10519
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842
(UNKNOWN)  CONECTIVA  CLA-2004:842

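- Vulnerability information

GNU Mailman admin pages multiple cross-site scripting vulnerabilities
Medium risk  Input validation
2004-02-17 00:00:00 2005-10-20 00:00:00
Remote
        
        GNU Mailman is shareware written in Python that can be used to manage mailing lists.
        The GNU Mailman administration pages contain multiple cross-site scripting vulnerabilities; a remote attacker can exploit them to obtain the cookie information the administrator uses for authentication.
        No detailed vulnerability information is currently available.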
        

- Advisories and patches

        Vendor patch:
        GNU
        ---
        GNU Mailman 2.1.4 is not affected by this vulnerability; users are advised to download and use it:
        
        http://sourceforge.net/project/shownotes.php?release_id=206877

- Vulnerability information

3305
Mailman Admin Pages XSS
Remote / Network Access Input Manipulation
Loss of Integrity

- Vulnerability description

Mailman contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate user-supplied input upon submission to the admin scripts. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

- Timeline

2004-01-01 Unknown
Unknown Unknown

- Solution

Upgrade to version 2.1.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- Related references

- Vulnerability credit

Unknown or Incomplete

- Vulnerability information

GNU Mailman Admin Page Multiple Cross-Site Scripting Vulnerabilities
Input Validation Error 9336
Yes No
2003-12-31 12:00:00 2009-07-12 12:56:00
These issues were announced by the vendor.

- Affected versions

Red Hat Fedora Core1
GNU Mailman 2.1.10 b1
GNU Mailman 2.1.3
GNU Mailman 2.1.1
+ RedHat Linux 9.0 i386
+ RedHat Linux 7.3 i686
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
GNU Mailman 2.1
GNU Mailman 2.0.13
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
GNU Mailman 2.0.12
GNU Mailman 2.0.11
+ Debian Linux 3.0
GNU Mailman 2.0.10
GNU Mailman 2.0.9
GNU Mailman 2.0.8
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
- RedHat PowerTools 7.1
- RedHat PowerTools 7.0
GNU Mailman 2.0.7
GNU Mailman 2.0.6
GNU Mailman 2.0.5
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux 4.2
+ Conectiva Linux 4.1
- Debian Linux 2.2 sparc
- Debian Linux 2.2 powerpc
- Debian Linux 2.2 arm
- Debian Linux 2.2 alpha
- Debian Linux 2.2 68k
- Debian Linux 2.2
- FreeBSD FreeBSD 4.3
- HP HP-UX 11.11
- HP HP-UX 11.0
- HP HP-UX 10.20
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- Mandriva Linux Mandrake 7.1
- NetBSD NetBSD 1.5.2
- NetBSD NetBSD 1.5.1
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- RedHat Linux 7.1
- RedHat Linux 7.0
- S.u.S.E. Linux 7.2
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0
- Slackware Linux 8.0
- Slackware Linux 7.1
- Slackware Linux 7.0
- Sun Solaris 8_sparc
- Sun Solaris 7.0
- Sun Solaris 2.6
GNU Mailman 2.0.4
GNU Mailman 2.0.3
GNU Mailman 2.0.2
GNU Mailman 2.0.1
GNU Mailman 2.0 .8
+ RedHat Secure Web Server 3.2 i386
GNU Mailman 2.0 .7
GNU Mailman 2.0 .6
+ RedHat Linux 7.2 i386
GNU Mailman 2.0 .5
GNU Mailman 2.0 .3
GNU Mailman 2.0 .2
GNU Mailman 2.0 .1
GNU Mailman 2.0
GNU Mailman 2.1.4
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0

- Unaffected versions

GNU Mailman 2.1.4
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0

- Discussion

Multiple cross-site scripting vulnerabilities were reported to exist in the administrative pages for GNU Mailman. These issues would likely be exploitable by enticing an administrative user to follow a malicious link with hostile HTML and script code embedded in it.

Exploitation would likely result in theft of administrative cookie-based authentication credentials. Other attacks would also be possible.

- Exploit

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Solution

This issue has been addressed in GNU Mailman 2.1.4.

Red Hat has released an advisory (FEDORA-2004-060) and fixes to address these issues in Fedora Linux. Users may apply these fixes using the "up2date" utility. Alternatively, Fedora users may apply the fixes manually; fixes are linked below.

RedHat has released an advisory RHSA-2004:020-02 to address these issues. Please see the advisory in web references for more information.

Mandrake has released advisory MDKSA-2004:013 and fixes to address this issue.

Debian has released advisory 436-2 to address these issues. Please see the referenced advisories for more information.

Conectiva has released an advisory (CLA-2004:842) to address this and other issues. Please see the referenced advisory for more information.

Fixes:


Red Hat Fedora Core1
GNU Mailman 2.0 .3
GNU Mailman 2.0 .7
GNU Mailman 2.0 .2
GNU Mailman 2.0 .5
GNU Mailman 2.0
GNU Mailman 2.0 .1
GNU Mailman 2.0 .8
GNU Mailman 2.0 .6
GNU Mailman 2.0.1
GNU Mailman 2.0.10
GNU Mailman 2.0.11
GNU Mailman 2.0.12
GNU Mailman 2.0.13
GNU Mailman 2.0.2
GNU Mailman 2.0.3
GNU Mailman 2.0.4
GNU Mailman 2.0.5
GNU Mailman 2.0.6
GNU Mailman 2.0.7
GNU Mailman 2.0.8
GNU Mailman 2.0.9
GNU Mailman 2.1
GNU Mailman 2.1.1
GNU Mailman 2.1.10 b1
GNU Mailman 2.1.3

- Related references

 

 
