CVE-2001-1132Mailman vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.9%
top 25.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Mailman
Timeline
PublishedSep 5
Latest updateApr 30

Description

Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDgnu/mailman2.0.5

🔴Vulnerability Details

2
GHSA
GHSA-6f9f-jc3v-j535: Mailman 22022-04-30
CVEList
CVE-2001-1132: Mailman 22002-06-25
CVE-2001-1132 — GNU Mailman vulnerability | cvebase