Description

Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.

Remediation

References

CVE-2001-1132

Related Vulnerabilities

PostgreSQL Improper Input Validation Vulnerability (CVE-2012-3489)

WordPress Plugin Constant Contact for WordPress Unspecified Vulnerability (3.1.6)

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1484)

b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5494)

PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2950)

Severity

High

Classification

CVE-2001-1132

Tags

Missing Update Known Vulnerabilities