GNU Mailman Private Archive Script Cross-Site Scripting Vulnerability

Bugtraq ID:	17403
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 07 2006 12:00AM
Updated:	Apr 10 2006 03:32PM
Credit:	Moritz Naumann is credited with the discovery of this vulnerability.
Vulnerable:	GNU Mailman 2.1.7
Not Vulnerable:	GNU Mailman 2.1.8 rc1

GNU Mailman Private Archive Script Cross-Site Scripting Vulnerability

Mailman is prone to a cross-site scripting vulnerability. The application fails to properly sanitize user-supplied input in the private archive script.

An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

This issue affects version 2.1.7; other versions may also be vulnerable.

GNU Mailman Private Archive Script Cross-Site Scripting Vulnerability

This issue can be exploited through a web client.

GNU Mailman Private Archive Script Cross-Site Scripting Vulnerability

Solution:

The vendor has released version 2.1.8rc1 to address this issue.


GNU Mailman 2.1.7

• GNU mailman-2.1.9rc1.tgz
  http://sourceforge.net/project/showfiles.php?group_id=103&package_id=6 9562&release_id=444295

GNU Mailman Private Archive Script Cross-Site Scripting Vulnerability

References:

• [Mailman-Announce] Released: Mailman 2.1.8 release candidate (Tokio Kikuchi)
  
• Mailman Homepage (GNU)