CVE-2005-0202
published 2005-05-02CVE-2005-0202: Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via…
medium5CVSS 3.1
AVNACLAuNCPINAN
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gnu | mailman | — | — |
| gnu | mailman | — | — |
| gnu | mailman | — | — |
| gnu | mailman | — | — |
| gnu | mailman | — | — |
| gnu | mailman | — | — |
| gnu | mailman | — | — |