Description

Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.

Remediation

References

CVE-2001-1132

Related Vulnerabilities

Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-6754)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23178)

WordPress Plugin Genesis Simple Defaults Arbitrary File Upload (1.0.0)

Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0309)

Severity

High

Classification

CVE-2001-1132

Tags

Missing Update Known Vulnerabilities