Juniper Networks

Signature Detail

Short Name: HTTP:XSS:MAILMAN-OPTIONS
Severity: Low
Recommended: No
Category: HTTP
Keywords: Mailman "options.py" Cross-Site Scripting
Release Date: 2005/01/19
Update Number: 1213
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Mailman "options.py" Cross-Site Scripting


This signature detects attempts to exploit a cross-site scripting vulnerability in Mailman 2.1, a discussion list management application that uses Web pages. Attackers can include options.py in a maliciously crafted URI sent to Mailman scripts, enabling attackers to place scripts or HTML into discussion list Web pages.

Extended Description

A vulnerability has been discovered in GNU Mailman. The issue occurs due to insufficient sanitization of user-supplied data that is output when generating error pages. As a result, attackers may embed malicious script code or HTML into a link to a site running the vulnerable software. If such a link is followed, the attacker-supplied code will be interpreted in the web browser of the victim of the attack. It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks are also possible. It has been reported that GNU Mailman 2.0.11 is not affected by this issue.

Affected Products

  • GNU Mailman 2.1.0

References

  • BugTraq: 6678
  • CVE: CVE-2003-0038
  • URL: http://www.debian.org/security/2004/dsa-436

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.