Описание
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
Ссылки
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Одно из
EPSS
7.6 High
CVSS2
Дефекты
Связанные уязвимости
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
Directory traversal vulnerability in GNU Mailman before 2.1.20, when n ...
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
ELSA-2015-1153: mailman security and bug fix update (MODERATE)
EPSS
7.6 High
CVSS2