GNU Mailman Attachment Scrubber Malformed MIME Message Denial Of Service Vulnerability

Bugtraq ID:	17311
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2006-0052
Remote:	Yes
Local:	No
Published:	Mar 29 2006 12:00AM
Updated:	Dec 15 2006 09:03PM
Credit:	Salada, Duncan S. <[email protected]> reported this issue to the vendor.
Vulnerable:	Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 5.0 4 powerpc Ubuntu Ubuntu Linux 5.0 4 i386 Ubuntu Ubuntu Linux 5.0 4 amd64 Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 SuSE Linux Enterprise Server 9 SGI ProPack 3.0 SP6 S.u.S.E. Linux Professional 9.3 x86_64 S.u.S.E. Linux Professional 9.3 S.u.S.E. Linux Professional 9.2 x86_64 S.u.S.E. Linux Professional 9.2 S.u.S.E. Linux Professional 9.1 x86_64 S.u.S.E. Linux Professional 9.1 S.u.S.E. Linux Personal 9.3 x86_64 S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Personal 9.1 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux AS 4 Redhat Desktop 4.0 Redhat Desktop 3.0 Mandriva Linux Mandrake 10.2 x86_64 Mandriva Linux Mandrake 10.2 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 GNU Mailman 2.1.10 b1 GNU Mailman 2.1.5 + Debian Linux 3.1 sparc + Debian Linux 3.1 s/390 + Debian Linux 3.1 ppc + Debian Linux 3.1 mipsel + Debian Linux 3.1 mips + Debian Linux 3.1 m68k + Debian Linux 3.1 ia-64 + Debian Linux 3.1 ia-32 + Debian Linux 3.1 hppa + Debian Linux 3.1 arm + Debian Linux 3.1 amd64 + Debian Linux 3.1 alpha + Debian Linux 3.1 + Mandriva Linux Mandrake 10.1 x86_64 + Mandriva Linux Mandrake 10.1 + Redhat Enterprise Linux Desktop version 4 + Redhat Enterprise Linux AS 4 + Redhat Enterprise Linux AS 3 + Redhat Enterprise Linux ES 4 + Redhat Enterprise Linux ES 3 + Redhat Enterprise Linux WS 4 + Redhat Enterprise Linux WS 3 GNU Mailman 2.1.4 + MandrakeSoft Corporate Server 3.0 + Mandriva Linux Mandrake 10.0 AMD64 + Mandriva Linux Mandrake 10.0 GNU Mailman 2.1.3 GNU Mailman 2.1.2 + Mandriva Linux Mandrake 9.2 amd64 + Mandriva Linux Mandrake 9.2 GNU Mailman 2.1.1 + Redhat Linux 9.0 i386 + Redhat Linux 7.3 i686 + Redhat Linux 7.3 i386 + Redhat Linux 7.3 GNU Mailman 2.1 GNU Mailman 2.0.14 + MandrakeSoft Corporate Server 2.1 x86_64 + MandrakeSoft Corporate Server 2.1 GNU Mailman 2.0.13 + Redhat Enterprise Linux AS 2.1 IA64 + Redhat Enterprise Linux AS 2.1 + Redhat Enterprise Linux ES 2.1 IA64 + Redhat Enterprise Linux ES 2.1 + Redhat Enterprise Linux WS 2.1 IA64 + Redhat Enterprise Linux WS 2.1 GNU Mailman 2.0.12 GNU Mailman 2.0.11 + Debian Linux 3.0 GNU Mailman 2.0.10 GNU Mailman 2.0.9 GNU Mailman 2.0.8 + Redhat Linux 7.3 i386 + Redhat Linux 7.2 ia64 + Redhat Linux 7.2 i386 - Redhat PowerTools 7.1 - Redhat PowerTools 7.0 GNU Mailman 2.0.7 GNU Mailman 2.0.6 GNU Mailman 2.0.5 - Debian Linux 2.2 sparc - Debian Linux 2.2 powerpc - Debian Linux 2.2 arm - Debian Linux 2.2 alpha - Debian Linux 2.2 68k - Debian Linux 2.2 - FreeBSD FreeBSD 4.3 - HP HP-UX 11.11 - HP HP-UX 11.0 - HP HP-UX 10.20 - Mandriva Linux Mandrake 8.0 - Mandriva Linux Mandrake 7.2 - Mandriva Linux Mandrake 7.1 - NetBSD NetBSD 1.5.2 - NetBSD NetBSD 1.5.1 - OpenBSD OpenBSD 2.9 - OpenBSD OpenBSD 2.8 - OpenBSD OpenBSD 2.7 - Redhat Linux 7.1 - Redhat Linux 7.0 - Slackware Linux 8.0 - Slackware Linux 7.1 - Slackware Linux 7.0 - Sun Solaris 8_sparc - Sun Solaris 7.0 - Sun Solaris 2.6 - SuSE Linux 7.2 - SuSE Linux 7.1 - SuSE Linux 7.0 GNU Mailman 2.0.4 GNU Mailman 2.0.4 GNU Mailman 2.0.3 GNU Mailman 2.0.2 GNU Mailman 2.0.1 GNU Mailman 2.0 beta5 + Redhat Secure Web Server 3.2 i386 GNU Mailman 2.0 beta4 - BSDI BSD/OS 4.0 - Debian Linux 2.2 - Debian Linux 2.1 - Digital UNIX 4.0 - FreeBSD FreeBSD 5.0 - FreeBSD FreeBSD 4.0 - FreeBSD FreeBSD 3.5 - HP HP-UX 11.0 - HP HP-UX 10.20 - IBM AIX 4.3 - Mandriva Linux Mandrake 7.1 - Mandriva Linux Mandrake 7.0 - NetBSD NetBSD 1.4.2 x86 - NetBSD NetBSD 1.4.1 x86 + Redhat Secure Web Server 3.2 i386 + Redhat Secure Web Server 3.1 sparc + Redhat Secure Web Server 3.1 i386 + Redhat Secure Web Server 3.1 alpha + Redhat Secure Web Server 3.0 i386 - SGI IRIX 6.5 - Sun Solaris 8_sparc - Sun Solaris 7.0 GNU Mailman 2.0 beta3 - BSDI BSD/OS 4.0 - Debian Linux 2.2 - Debian Linux 2.1 - Digital UNIX 4.0 - FreeBSD FreeBSD 5.0 - FreeBSD FreeBSD 4.0 - FreeBSD FreeBSD 3.5 - HP HP-UX 11.0 - HP HP-UX 10.20 - IBM AIX 4.3 - Mandriva Linux Mandrake 7.1 - Mandriva Linux Mandrake 7.0 - NetBSD NetBSD 1.4.2 x86 - NetBSD NetBSD 1.4.1 x86 + Redhat Secure Web Server 3.2 i386 + Redhat Secure Web Server 3.1 sparc + Redhat Secure Web Server 3.1 i386 + Redhat Secure Web Server 3.1 alpha + Redhat Secure Web Server 3.0 i386 - SGI IRIX 6.5 - Sun Solaris 8_sparc - Sun Solaris 7.0 GNU Mailman 2.0 .8 + Redhat Secure Web Server 3.2 i386 GNU Mailman 2.0 .7 GNU Mailman 2.0 .6 + Redhat Linux 7.2 i386 GNU Mailman 2.0 .5 GNU Mailman 2.0 .3 GNU Mailman 2.0 .2 GNU Mailman 2.0 .1 GNU Mailman 2.0 GNU Mailman 1.1 + Debian Linux 2.2 sparc + Debian Linux 2.2 powerpc + Debian Linux 2.2 IA-32 + Debian Linux 2.2 arm + Debian Linux 2.2 alpha + Debian Linux 2.2 68k + Debian Linux 2.2 GNU Mailman 1.0 + Debian Linux 2.1 Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1
Not Vulnerable:	GNU Mailman 2.1.6

GNU Mailman Attachment Scrubber Malformed MIME Message Denial Of Service Vulnerability

GNU Mailman is prone to denial-of-service attacks. This issue affects the attachment-scrubber utility.

The vulnerability could be triggered by mailing-list posts and will affect the availability of mailing lists hosted by the application.

This issue presents itself only when Mailman is used in conjunction with Python email version 2.5.

GNU Mailman Attachment Scrubber Malformed MIME Message Denial Of Service Vulnerability

An exploit is not required.

GNU Mailman Attachment Scrubber Malformed MIME Message Denial Of Service Vulnerability

Solution:
The vendor has released version 2.1.6 of Mailman to address this issue.

Please see the referenced vendor advisories for more information.


GNU Mailman 1.0

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 1.1

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0 beta3

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0 beta4

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0 .1

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0 .7

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0 .5

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0 .3

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0 .6

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0 .2

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0 beta5

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0 .8

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.1

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.10

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.11

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.12

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.13

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.14

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.2

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.3

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.4

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.4

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.5

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.6

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.7

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.8

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.0.9

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.1

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.1.1

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.1.10 b1

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.1.2

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.1.3

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download

GNU Mailman 2.1.4

• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download


• Mandriva mailman-2.1.4-2.6.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva mailman-2.1.4-2.6.C30mdk.src.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva mailman-2.1.4-2.6.C30mdk.x86_64.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download

GNU Mailman 2.1.5

• Debian mailman_2.1.5-8sarge2_alpha.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8 sarge2_alpha.deb


• Debian mailman_2.1.5-8sarge2_amd64.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8 sarge2_amd64.deb


• Debian mailman_2.1.5-8sarge2_arm.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8 sarge2_arm.deb


• Debian mailman_2.1.5-8sarge2_hppa.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8 sarge2_hppa.deb


• Debian mailman_2.1.5-8sarge2_i386.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8 sarge2_i386.deb


• Debian mailman_2.1.5-8sarge2_ia64.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8 sarge2_ia64.deb


• Debian mailman_2.1.5-8sarge2_m68k.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8 sarge2_m68k.deb


• Debian mailman_2.1.5-8sarge2_mips.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8 sarge2_mips.deb


• Debian mailman_2.1.5-8sarge2_mipsel.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8 sarge2_mipsel.deb


• Debian mailman_2.1.5-8sarge2_powerpc.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8 sarge2_powerpc.deb


• Debian mailman_2.1.5-8sarge2_s390.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8 sarge2_s390.deb


• Debian mailman_2.1.5-8sarge2_sparc.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/m/mailman/mailman_2.1.5-8 sarge2_sparc.deb


• GNU mailman-2.1.6.tgz
  http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download


• Mandriva mailman-2.1.5-15.3.102mdk.i586.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva mailman-2.1.5-15.3.102mdk.src.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva mailman-2.1.5-15.3.102mdk.x86_64.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Ubuntu mailman_2.1.5-1ubuntu2.7_amd64.deb
  Ubuntu 4.10:
  http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-1u buntu2.7_amd64.deb


• Ubuntu mailman_2.1.5-1ubuntu2.7_i386.deb
  Ubuntu 4.10:
  http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-1u buntu2.7_i386.deb


• Ubuntu mailman_2.1.5-1ubuntu2.7_powerpc.deb
  Ubuntu 4.10:
  http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-1u buntu2.7_powerpc.deb


• Ubuntu mailman_2.1.5-7ubuntu0.2_amd64.deb
  Ubuntu 5.04:
  http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7u buntu0.2_amd64.deb


• Ubuntu mailman_2.1.5-7ubuntu0.2_i386.deb
  Ubuntu 5.04:
  http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7u buntu0.2_i386.deb


• Ubuntu mailman_2.1.5-7ubuntu0.2_powerpc.deb
  Ubuntu 5.04:
  http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7u buntu0.2_powerpc.deb


• Ubuntu mailman_2.1.5-8ubuntu2.2_amd64.deb
  Ubuntu 5.10:
  http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8u buntu2.2_amd64.deb


• Ubuntu mailman_2.1.5-8ubuntu2.2_i386.deb
  Ubuntu 5.10:
  http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8u buntu2.2_i386.deb


• Ubuntu mailman_2.1.5-8ubuntu2.2_powerpc.deb
  Ubuntu 5.10:
  http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8u buntu2.2_powerpc.deb

GNU Mailman Attachment Scrubber Malformed MIME Message Denial Of Service Vulnerability

References:

• [ 1099138 ] Scrubber.py traceback (GNU)
  
• [Mailman-Users] Uncaught runner exception (GNU)
  
• Debian Bug report logs - #358892 (Debian)
  
• Mailman Homepage (GNU)
  
• RHSA-2006:0486-4 - mailman security update (Red Hat)