CVE-2015-2775

Опубликовано: 13 апр. 2015

Источник: ubuntu

Приоритет: medium

CVSS2: 7.6

Описание

Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.

Релиз	Статус	Примечание
devel	released	1:2.1.18-1ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [1:2.1.16-2ubuntu0.1]]
lucid	ignored	end of life
precise	released	1:2.1.14-3ubuntu0.2
trusty	released	1:2.1.16-2ubuntu0.1
trusty/esm	DNE	trusty was released [1:2.1.16-2ubuntu0.1]
upstream	needed
utopic	released	1:2.1.18-1ubuntu0.1

Показывать по

Ссылки на источники

7.6 High

CVSS2

Связанные уязвимости

CVE-2015-2775

redhat

больше 10 лет назад

Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.

CVE-2015-2775

nvd

больше 10 лет назад

Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.

CVE-2015-2775

debian

больше 10 лет назад

Directory traversal vulnerability in GNU Mailman before 2.1.20, when n ...

GHSA-rhjr-qgg7-67wg

github

больше 3 лет назад

Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.

ELSA-2015-1153

oracle-oval

около 10 лет назад

ELSA-2015-1153: mailman security and bug fix update (MODERATE)

7.6 High

CVSS2

CVE-2015-2775

Описание

Пакет mailman

Ссылки на источники

Связанные уязвимости