Signature Detail

HTTP: Mailman Admin Interface Cross-Site Scripting

This signature detects attempts to exploit a cross-site scripting vulnerability in the Mailman administrative Web interface.

Extended Description

Multiple cross-site scripting vulnerabilities were reported to exist in the administrative pages for GNU Mailman. These issues would likely be exploitable by enticing an administrative user to follow a malicious link with hostile HTML and script code embedded in it. Exploitation would likely result in theft of administrative cookie-based authentication credentials. Other attacks would also be possible.

Affected Products

• GNU Mailman 2.0.0
• GNU Mailman 2.0.0 .1
• GNU Mailman 2.0.0 .2
• GNU Mailman 2.0.0 .3
• GNU Mailman 2.0.0 .5
• GNU Mailman 2.0.0 .6
• GNU Mailman 2.0.0 .7
• GNU Mailman 2.0.0 .8
• GNU Mailman 2.0.1
• GNU Mailman 2.0.10
• GNU Mailman 2.0.11
• GNU Mailman 2.0.12
• GNU Mailman 2.0.13
• GNU Mailman 2.0.2
• GNU Mailman 2.0.3
• GNU Mailman 2.0.4
• GNU Mailman 2.0.5
• GNU Mailman 2.0.6
• GNU Mailman 2.0.7
• GNU Mailman 2.0.8
• GNU Mailman 2.0.9
• GNU Mailman 2.1.0
• GNU Mailman 2.1.1
• GNU Mailman 2.1.10 B1
• GNU Mailman 2.1.3
• Red Hat Fedora Core1

References

• BugTraq: 9336
• CVE: CVE-2003-0965
• URL: http://www.mandriva.com/security/advisories/?name=MDKSA-2004:013
• URL: http://www.debian.org/security/2004/dsa-436