5

CVE-2005-3573

Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuMailman Version2.0 Updatebeta3
GnuMailman Version2.0 Updatebeta4
GnuMailman Version2.0 Updatebeta5
GnuMailman Version2.0.1
GnuMailman Version2.0.2
GnuMailman Version2.0.3
GnuMailman Version2.0.4
GnuMailman Version2.0.5
GnuMailman Version2.0.6
GnuMailman Version2.0.7
GnuMailman Version2.0.8
GnuMailman Version2.0.9
GnuMailman Version2.0.10
GnuMailman Version2.0.11
GnuMailman Version2.0.12
GnuMailman Version2.0.13
GnuMailman Version2.0.14
GnuMailman Version2.1
GnuMailman Version2.1.1 Updatebeta1
GnuMailman Version2.1.2
GnuMailman Version2.1.3
GnuMailman Version2.1.4
GnuMailman Version2.1.5
GnuMailman Version2.1.5.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.71% 0.841
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
http://secunia.com/advisories/19532
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327732
http://lists.suse.com/archive/suse-security-announce/2006-Jan/0003.html
http://mail.python.org/pipermail/mailman-users/2005-September/046523.html
http://secunia.com/advisories/17511
Vendor Advisory
http://secunia.com/advisories/17874
http://secunia.com/advisories/18456
http://secunia.com/advisories/18503
http://secunia.com/advisories/18612
http://secunia.com/advisories/19167
http://secunia.com/advisories/19196
http://securitytracker.com/id?1015735
http://www.debian.org/security/2006/dsa-955
http://www.osvdb.org/20819
http://www.redhat.com/support/errata/RHSA-2006-0204.html
http://www.securityfocus.com/bid/15408
http://www.trustix.org/errata/2006/0012/
http://www.ubuntu.com/usn/usn-242-1
http://www.vupen.com/english/advisories/2005/2404
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:222
https://exchange.xforce.ibmcloud.com/vulnerabilities/23139
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10038