An path traversal vulnerability has been discovered in the “private” module of Mailman. A flawed path sanitation algorithm allowed the construction of URLS to arbitrary files readable by Mailman. This allowed a remote attacker to retrieve configuration and password databases, private list archives, and other files.
The problem can be corrected by updating your system to the following package versions:
10 February 2005
A security issue affects these releases of Ubuntu and its derivatives:
An path traversal vulnerability has been discovered in the “private” module of Mailman. A flawed path sanitation algorithm allowed the construction of URLS to arbitrary files readable by Mailman. This allowed a remote attacker to retrieve configuration and password databases, private list archives, and other files.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
Vulmon