CVE-2004-0412
CVSS5.0
发布时间 :2004-08-18 00:00:00
修订时间 :2016-10-17 22:45:09
NMCOS    

[原文]Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.


[CNNVD]GNU Mailman未明密码获取漏洞(CNNVD-200408-158)

        
        GNU Mailman是由Python开发的共享软件,利用它可以管理邮件列表。
        GNU Mailman存在未明的密码泄露问题,远程攻击者可以利用这个漏洞获得加入邮件列表的用户密码。
        目前没有详细漏洞细节提供。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:gnu:mailman:2.1.2GNU Mailman 2.1.2
cpe:/a:gnu:mailman:2.1.3GNU Mailman 2.1.3
cpe:/a:gnu:mailman:2.1.1GNU Mailman 2.1.1
cpe:/a:gnu:mailman:2.1GNU Mailman 2.1
cpe:/a:gnu:mailman:2.1.4GNU Mailman 2.1.4
cpe:/a:gnu:mailman:2.1b1GNU Mailman 2.1b1

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0412
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0412
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200408-158
(官方数据源) CNNVD

- 其它链接及资源

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842
(VENDOR_ADVISORY)  CONECTIVA  CLA-2004:842
http://mail.python.org/pipermail/mailman-announce/2004-May/000072.html
(UNKNOWN)  MLIST  [Mailman-Announce] 20040515 RELEASED Mailman 2.1.5
http://marc.info/?l=bugtraq&m=109034869927955&w=2
(UNKNOWN)  FEDORA  FEDORA-2004-1734
http://security.gentoo.org/glsa/glsa-200406-04.xml
(VENDOR_ADVISORY)  GENTOO  GLSA-200406-04
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:051
(UNKNOWN)  MANDRAKE  MDKSA-2004:051
http://www.securityfocus.com/bid/10412
(VENDOR_ADVISORY)  BID  10412
http://xforce.iss.net/xforce/xfdb/16256
(UNKNOWN)  XF  mailman-obtain-password(16256)
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=123559
(UNKNOWN)  CONFIRM  https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=123559

- 漏洞信息

GNU Mailman未明密码获取漏洞
中危 未知
2004-08-18 00:00:00 2005-10-20 00:00:00
远程  
        
        GNU Mailman是由Python开发的共享软件,利用它可以管理邮件列表。
        GNU Mailman存在未明的密码泄露问题,远程攻击者可以利用这个漏洞获得加入邮件列表的用户密码。
        目前没有详细漏洞细节提供。
        

- 公告与补丁

        厂商补丁:
        GNU
        ---
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        GNU Upgrade mailman-2.1.5.tgz
        
        http://prdownloads.sourceforge.net/mailman/mailman-2.1.5.tgz?download

- 漏洞信息

6422
Mailman Crated E-mail Remote User Password Disclosure
Remote / Network Access Misconfiguration
Loss of Confidentiality
Exploit Public

- 漏洞描述

Mailman contains a flaw that may lead to an unauthorized password exposure. It is possible for a list member to gain access to user passwords by sending mail to the request alias. If an arbitrary user submits "password address=" commands for other users, Mailman may disclose the user password.

- 时间线

2004-05-15 2004-05-15
2004-06-14 Unknow

- 解决方案

Upgrade to version 2.1.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

GNU Mailman Unspecified Password Retrieval Vulnerability
Unknown 10412
Yes No
2004-05-25 12:00:00 2009-07-12 05:16:00
This issue was disclosed by the vendor.

- 受影响的程序版本

RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
GNU Mailman 2.1.10 b1
GNU Mailman 2.1.4
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
GNU Mailman 2.1.3
GNU Mailman 2.1.2
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
GNU Mailman 2.1.1
+ RedHat Linux 9.0 i386
+ RedHat Linux 7.3 i686
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
GNU Mailman 2.1
GNU Mailman 2.0.13
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
GNU Mailman 2.0.12
GNU Mailman 2.0.11
+ Debian Linux 3.0
GNU Mailman 2.0.10
GNU Mailman 2.0.9
GNU Mailman 2.0.8
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
- RedHat PowerTools 7.1
- RedHat PowerTools 7.0
GNU Mailman 2.0.7
GNU Mailman 2.0.6
GNU Mailman 2.0.5
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux 4.2
+ Conectiva Linux 4.1
- Debian Linux 2.2 sparc
- Debian Linux 2.2 powerpc
- Debian Linux 2.2 arm
- Debian Linux 2.2 alpha
- Debian Linux 2.2 68k
- Debian Linux 2.2
- FreeBSD FreeBSD 4.3
- HP HP-UX 11.11
- HP HP-UX 11.0
- HP HP-UX 10.20
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- Mandriva Linux Mandrake 7.1
- NetBSD NetBSD 1.5.2
- NetBSD NetBSD 1.5.1
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- RedHat Linux 7.1
- RedHat Linux 7.0
- S.u.S.E. Linux 7.2
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0
- Slackware Linux 8.0
- Slackware Linux 7.1
- Slackware Linux 7.0
- Sun Solaris 8_sparc
- Sun Solaris 7.0
- Sun Solaris 2.6
GNU Mailman 2.0.4
GNU Mailman 2.0.4
GNU Mailman 2.0.3
GNU Mailman 2.0.2
GNU Mailman 2.0.1
GNU Mailman 2.0 beta5
+ RedHat Secure Web Server 3.2 i386
GNU Mailman 2.0 beta4
- BSDI BSD/OS 4.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux 4.2
- Conectiva Linux 4.1
- Debian Linux 2.2
- Debian Linux 2.1
- Digital UNIX 4.0
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.0
- FreeBSD FreeBSD 3.5
- HP HP-UX 11.0
- HP HP-UX 10.20
- IBM AIX 4.3
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- NetBSD NetBSD 1.4.2 x86
- NetBSD NetBSD 1.4.1 x86
+ RedHat Secure Web Server 3.2 i386
+ RedHat Secure Web Server 3.1 sparc
+ RedHat Secure Web Server 3.1 i386
+ RedHat Secure Web Server 3.1 alpha
+ RedHat Secure Web Server 3.0 i386
- SGI IRIX 6.5
- Sun Solaris 8_sparc
- Sun Solaris 7.0
GNU Mailman 2.0 beta3
- BSDI BSD/OS 4.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux 4.2
- Conectiva Linux 4.1
- Debian Linux 2.2
- Debian Linux 2.1
- Digital UNIX 4.0
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.0
- FreeBSD FreeBSD 3.5
- HP HP-UX 11.0
- HP HP-UX 10.20
- IBM AIX 4.3
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- NetBSD NetBSD 1.4.2 x86
- NetBSD NetBSD 1.4.1 x86
+ RedHat Secure Web Server 3.2 i386
+ RedHat Secure Web Server 3.1 sparc
+ RedHat Secure Web Server 3.1 i386
+ RedHat Secure Web Server 3.1 alpha
+ RedHat Secure Web Server 3.0 i386
- SGI IRIX 6.5
- Sun Solaris 8_sparc
- Sun Solaris 7.0
GNU Mailman 2.0 .8
+ RedHat Secure Web Server 3.2 i386
GNU Mailman 2.0 .7
GNU Mailman 2.0 .6
+ RedHat Linux 7.2 i386
GNU Mailman 2.0 .5
GNU Mailman 2.0 .3
GNU Mailman 2.0 .2
GNU Mailman 2.0 .1
GNU Mailman 2.0
GNU Mailman 1.1
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
GNU Mailman 1.0
+ Debian Linux 2.1
GNU Mailman 2.1.5
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Red Hat Enterprise Linux AS 4
+ Red Hat Enterprise Linux AS 3
+ RedHat Enterprise Linux Desktop version 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 4
+ RedHat Enterprise Linux WS 3

- 不受影响的程序版本

GNU Mailman 2.1.5
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Red Hat Enterprise Linux AS 4
+ Red Hat Enterprise Linux AS 3
+ RedHat Enterprise Linux Desktop version 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 4
+ RedHat Enterprise Linux WS 3

- 漏洞讨论

Mailman is prone to an unspecified password retrieval vulnerability. This vulnerability was disclosed by the vendor. Reportedly, a remote attacker can gain access to user passwords, when the users subscribe to a mailing list.

A remote attacker can use the sensitive information to hijack user accounts or carry out other attacks. Further information about this issue states that to exploit this vulnerability an attacker does not need to be subscribed to the list. The attacker needs to be able to mail <listname>-request@<listhost> and know the email address of a user to disclose the user's password.

It is reported this issue affects Mailman 2.1.x versions.

Due to a lack of details further information is not available at the moment. This BID will be updated as more information becomes available.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

The vendor has released Mailman 2.1.5 to address this issue.

Mandrake has released a security advisory (MDKSA-2004:051) and updates to address this issue in Mandrake Linux 9.2 and 10. Users are advised to see the referenced advisory for further details regarding obtaining and applying fixes.

Conectiva has released an advisory (CLA-2004:842) to address this and other issues. Please see the referenced advisory for more information.

Gentoo Linux has released advisory GLSA 200406-04 dealing with this issue. It has been advised that all users of Mailman should upgrade to the latest stable version using the following commands:

# emerge sync

# emerge -pv ">=net-mail/mailman-2.1.5"
# emerge ">=net-mail/mailman-2.1.5"

For more information see the referenced Gentoo advisory.

RedHat has released advisories (FEDORA-2004-167, FEDORA-2004-168) to address this issue in Fedora Core 1 and Fedora Core 2. Please see the referenced advisories for more information.


GNU Mailman 1.0

GNU Mailman 1.1

GNU Mailman 2.0 beta3

GNU Mailman 2.0 .3

GNU Mailman 2.0 beta4

GNU Mailman 2.0

GNU Mailman 2.0 .1

GNU Mailman 2.0 .6

GNU Mailman 2.0 .7

GNU Mailman 2.0 .2

GNU Mailman 2.0 beta5

GNU Mailman 2.0 .5

GNU Mailman 2.0 .8

GNU Mailman 2.0.1

GNU Mailman 2.0.10

GNU Mailman 2.0.11

GNU Mailman 2.0.12

GNU Mailman 2.0.13

GNU Mailman 2.0.2

GNU Mailman 2.0.3

GNU Mailman 2.0.4

GNU Mailman 2.0.4

GNU Mailman 2.0.5

GNU Mailman 2.0.6

GNU Mailman 2.0.7

GNU Mailman 2.0.8

GNU Mailman 2.0.9

GNU Mailman 2.1

GNU Mailman 2.1.1

GNU Mailman 2.1.10 b1

GNU Mailman 2.1.2

GNU Mailman 2.1.3

GNU Mailman 2.1.4

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站