Pipermail/Mailman Insecure Archives Permissions Vulnerability

Bugtraq ID: 4538
Class: Design Error
CVE: CVE-2002-0389
Remote: No
Local: Yes
Published: Apr 16 2002 12:00AM
Updated: Aug 12 2015 10:26PM
Credit: Discovery of this issue is credited to "H. Peter Anvin" <hpa@zytor.com>.
Vulnerable: Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server 6
Pipermail Pipermail 0.5
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
GNU Mailman 2.1.10 b1
GNU Mailman 2.0.10
GNU Mailman 2.0.9
GNU Mailman 2.0.4
GNU Mailman 2.0 beta5
+ Redhat Secure Web Server 3.2 i386
GNU Mailman 2.0 beta4
- BSDI BSD/OS 4.0
- Debian Linux 2.2
- Debian Linux 2.1
- Digital UNIX 4.0
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.0
- FreeBSD FreeBSD 3.5
- HP HP-UX 11.0
- HP HP-UX 10.20
- IBM AIX 4.3
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- NetBSD NetBSD 1.4.2 x86
- NetBSD NetBSD 1.4.1 x86
+ Redhat Secure Web Server 3.2 i386
+ Redhat Secure Web Server 3.1 sparc
+ Redhat Secure Web Server 3.1 i386
+ Redhat Secure Web Server 3.1 alpha
+ Redhat Secure Web Server 3.0 i386
- SGI IRIX 6.5
- Sun Solaris 8_sparc
- Sun Solaris 7.0
GNU Mailman 2.0 beta3
- BSDI BSD/OS 4.0
- Debian Linux 2.2
- Debian Linux 2.1
- Digital UNIX 4.0
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.0
- FreeBSD FreeBSD 3.5
- HP HP-UX 11.0
- HP HP-UX 10.20
- IBM AIX 4.3
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- NetBSD NetBSD 1.4.2 x86
- NetBSD NetBSD 1.4.1 x86
+ Redhat Secure Web Server 3.2 i386
+ Redhat Secure Web Server 3.1 sparc
+ Redhat Secure Web Server 3.1 i386
+ Redhat Secure Web Server 3.1 alpha
+ Redhat Secure Web Server 3.0 i386
- SGI IRIX 6.5
- Sun Solaris 8_sparc
- Sun Solaris 7.0
GNU Mailman 2.0 .8
+ Redhat Secure Web Server 3.2 i386
GNU Mailman 2.0 .7
GNU Mailman 2.0 .6
+ Redhat Linux 7.2 i386
GNU Mailman 2.0 .5
GNU Mailman 2.0 .3
GNU Mailman 2.0 .2
GNU Mailman 2.0 .1
GNU Mailman 2.0
GNU Mailman 1.1
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
GNU Mailman 1.0
+ Debian Linux 2.1
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus