FreeBSD Ports: Mailman, Ja-mailman Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://mail.python.org/pipermail/mailman-developers/2004-December/017553.html http://mail.python.org/pipermail/mailman-developers/attachments/20041215/be238297/attachment.mht http://www.vuxml.org/freebsd/b3cd00f7-c0c5-452d-87bc-086c5635333e.html

Insight

The following packages are affected: mailman ja-mailman CVE-2004-1143 The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.

Severity

Classification

CVE CVE-2004-1143

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: cdf3
FreeBSD Ports: ca_root_nss
FreeBSD Ports: chromium
FreeBSD Ports: chromium
FreeBSD Ports: clamav

FreeBSD Ports: mailman, ja-mailman

Take action and discover your vulnerabilities