Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mailman vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2001-1132
Mailman 2.0.x prior to 2.0.6 allows remote malicious users to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.
Gnu Mailman
4.6
CVSSv2
CVE-2001-0290
Vulnerability in Mailman 2.0.1 and previous versions allows list administrators to obtain user passwords.
Gnu Mailman
10
CVSSv2
CVE-2001-0021
MailMan Webmail 3.0.25 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in the alternate_template parameter.
Endymion Mailman Webmail 3.0.15
Endymion Mailman Webmail 3.0.16
Endymion Mailman Webmail 3.0.24
Endymion Mailman Webmail 3.0.25
Endymion Mailman Webmail 3.0
Endymion Mailman Webmail 3.0.1
Endymion Mailman Webmail 3.0.18
Endymion Mailman Webmail 3.0.19
Endymion Mailman Webmail 3.0.13
Endymion Mailman Webmail 3.0.14
Endymion Mailman Webmail 3.0.22
Endymion Mailman Webmail 3.0.23
Endymion Mailman Webmail 3.0.10
Endymion Mailman Webmail 3.0.11
Endymion Mailman Webmail 3.0.12
Endymion Mailman Webmail 3.0.20
Endymion Mailman Webmail 3.0.21
1 EDB exploit
7.2
CVSSv2
CVE-2000-0861
Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion.
Gnu Mailman 1.1
4.6
CVSSv2
CVE-2000-0701
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.
Gnu Mailman 2.0
Conectiva Linux 4.2
Conectiva Linux 4.1
Conectiva Linux 5.1
Conectiva Linux 5.0
Redhat Linux
3.6
CVSSv2
CVE-1999-0850
The default permissions for Endymion MailMan allow local users to read email or modify files.
Endymion Mailman Webmail 3.0.18
5
CVSSv2
CVE-1999-0742
The Debian mailman package uses weak authentication, which allows malicious users to gain privileges.
Debian Debian Linux 2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6