Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu mailman 2.0 vulnerabilities and exploits
(subscribe to this query)
760
VMScore
CVE-2002-0855
Cross-site scripting vulnerability in Mailman prior to 2.0.12 allows remote malicious users to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.
Gnu Mailman 2.0.12
2 EDB exploits
755
VMScore
CVE-2002-0388
Cross-site scripting vulnerabilities in Mailman prior to 2.0.11 allow remote malicious users to execute script via (1) the admin login page, or (2) the Pipermail index summaries.
Gnu Mailman
1 EDB exploit
668
VMScore
CVE-2004-1143
The password generation in mailman prior to 2.1.5 generates only 5 million unique passwords, which makes it easier for remote malicious users to guess passwords via a brute force attack.
Gnu Mailman 2.0.10
Gnu Mailman 2.0.11
Gnu Mailman 2.0.6
Gnu Mailman 2.0.7
Gnu Mailman 2.1.2
Gnu Mailman 2.1.3
Gnu Mailman 1.0
Gnu Mailman 1.1
Gnu Mailman 2.0.2
Gnu Mailman 2.0.3
Gnu Mailman 2.0
Gnu Mailman 2.0.1
Gnu Mailman 2.0.4
Gnu Mailman 2.0.5
Gnu Mailman 2.1
Gnu Mailman 2.1.1
Gnu Mailman 2.0.12
Gnu Mailman 2.0.13
Gnu Mailman 2.0.8
Gnu Mailman 2.0.9
Gnu Mailman 2.1.4
Gnu Mailman 2.1b1
668
VMScore
CVE-2001-1132
Mailman 2.0.x prior to 2.0.6 allows remote malicious users to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.
Gnu Mailman
445
VMScore
CVE-2006-0052
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and previous versions, when using Python's library email module 2.5, allows remote malicious users to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two...
Gnu Mailman 1.1
Gnu Mailman 2.0
Gnu Mailman 2.0.1
Gnu Mailman 2.0.3
Gnu Mailman 2.0.4
Gnu Mailman 1.0
Gnu Mailman 2.0.14
Gnu Mailman 2.0.2
Gnu Mailman 2.0.9
Gnu Mailman 2.1.4
Gnu Mailman 2.1.5
Gnu Mailman 2.1b1
Gnu Mailman 2.0.10
Gnu Mailman 2.0.11
Gnu Mailman 2.0.5
Gnu Mailman 2.0.6
Gnu Mailman 2.1
Gnu Mailman 2.1.1
Gnu Mailman 2.0.12
Gnu Mailman 2.0.13
Gnu Mailman 2.0.7
Gnu Mailman 2.0.8
445
VMScore
CVE-2005-3573
Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote malicious users to cause a denial of service (application crash).
Gnu Mailman 2.0.10
Gnu Mailman 2.0.11
Gnu Mailman 2.0.6
Gnu Mailman 2.0.7
Gnu Mailman 2.1.1
Gnu Mailman 2.1.2
Gnu Mailman 2.0.14
Gnu Mailman 2.0.2
Gnu Mailman 2.0.3
Gnu Mailman 2.0
Gnu Mailman 2.1.5
Gnu Mailman 2.1.5.8
Gnu Mailman 2.0.12
Gnu Mailman 2.0.13
Gnu Mailman 2.0.8
Gnu Mailman 2.0.9
Gnu Mailman 2.1.3
Gnu Mailman 2.1.4
Gnu Mailman 2.0.1
Gnu Mailman 2.0.4
Gnu Mailman 2.0.5
Gnu Mailman 2.1
445
VMScore
CVE-2003-0991
Unknown vulnerability in the mail command handler in Mailman prior to 2.0.14 allows remote malicious users to cause a denial of service (crash) via malformed e-mail commands.
Gnu Mailman 1.0
Gnu Mailman 2.0.13
Gnu Mailman 2.0.2
Gnu Mailman 2.0.3
Gnu Mailman 2.0
Gnu Mailman 1.1
Gnu Mailman 2.0.4
Gnu Mailman 2.0.5
Gnu Mailman 2.0.11
Gnu Mailman 2.0.12
Gnu Mailman 2.0.8
Gnu Mailman 2.0.9
Gnu Mailman 2.1
Gnu Mailman 2.0.1
Gnu Mailman 2.0.10
Gnu Mailman 2.0.6
Gnu Mailman 2.0.7
Sgi Propack 2.3
409
VMScore
CVE-2000-0701
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.
Gnu Mailman 2.0
Conectiva Linux 4.2
Conectiva Linux 4.1
Conectiva Linux 5.1
Conectiva Linux 5.0
Redhat Linux
383
VMScore
CVE-2011-0707
Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message.
Gnu Mailman 2.1.13
Gnu Mailman 2.1.5
Gnu Mailman 2.1.11
Gnu Mailman 2.0.5
Gnu Mailman 2.0.1
Gnu Mailman 2.1.5.8
Gnu Mailman 2.1.3
Gnu Mailman 2.0.11
Gnu Mailman 2.0.6
Gnu Mailman 2.0
Gnu Mailman 2.1.8
Gnu Mailman 1.1
Gnu Mailman 2.0.14
Gnu Mailman 2.0.12
Gnu Mailman 2.1.2
Gnu Mailman 2.0.9
Gnu Mailman 2.1.9
Gnu Mailman 2.0.3
Gnu Mailman 2.1
Gnu Mailman 2.1.14
Gnu Mailman 2.0.13
Gnu Mailman 2.1.6
383
VMScore
CVE-2004-1177
Cross-site scripting (XSS) vulnerability in the driver script in mailman prior to 2.1.5 allows remote malicious users to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page.
Gnu Mailman 2.0.12
Gnu Mailman 2.0.13
Gnu Mailman 2.0.8
Gnu Mailman 2.0.9
Gnu Mailman 2.1.4
Gnu Mailman 2.1b1
Gnu Mailman 2.0
Gnu Mailman 2.0.1
Gnu Mailman 2.0.4
Gnu Mailman 2.0.5
Gnu Mailman 2.1
Gnu Mailman 2.1.1
Gnu Mailman 2.0.10
Gnu Mailman 2.0.11
Gnu Mailman 2.0.6
Gnu Mailman 2.0.7
Gnu Mailman 2.1.2
Gnu Mailman 2.1.3
Gnu Mailman 1.0
Gnu Mailman 1.1
Gnu Mailman 2.0.2
Gnu Mailman 2.0.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started