FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2003-0965

This CVE name corresponds to:

Entered Topic
2004-02-25 mailman XSS in admin script

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2003-0965
Phase Assigned (20031126)

Description

Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.

References

Source Reference
MLIST [Mailman-Announce] 20031231 RELEASED Mailman 2.1.4
CONECTIVA CLA-2004:842
REDHAT RHSA-2004:020
DEBIAN DSA-436
MANDRAKE MDKSA-2004:013
OSVDB 3305
SECUNIA 10519
XF mailman-admin-xss(14121)
BID 9336
OVAL oval:org.mitre.oval:def:813