CVE-2015-2775

Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.

CVSS v2.0 7.6 HIGH

7.6^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 4.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154911.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156742.html
http://rhn.redhat.com/errata/RHSA-2015-1153.html
http://rhn.redhat.com/errata/RHSA-2015-1417.html
http://www.debian.org/security/2015/dsa-3214
http://www.securityfocus.com/bid/73922
http://www.securitytracker.com/id/1032033
http://www.ubuntu.com/usn/USN-2558-1
https://bugs.launchpad.net/mailman/+bug/1437145
https://mail.python.org/pipermail/mailman-announce/2015-March/000209.html
https://mail.python.org/pipermail/mailman-developers/2015-March/024871.html	Vendor Advisory
https://mail.python.org/pipermail/mailman-developers/2015-March/024875.html	Exploit
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154911.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156742.html
http://rhn.redhat.com/errata/RHSA-2015-1153.html
http://rhn.redhat.com/errata/RHSA-2015-1417.html
http://www.debian.org/security/2015/dsa-3214
http://www.securityfocus.com/bid/73922
http://www.securitytracker.com/id/1032033
http://www.ubuntu.com/usn/USN-2558-1
https://bugs.launchpad.net/mailman/+bug/1437145
https://mail.python.org/pipermail/mailman-announce/2015-March/000209.html
https://mail.python.org/pipermail/mailman-developers/2015-March/024871.html	Vendor Advisory
https://mail.python.org/pipermail/mailman-developers/2015-March/024875.html	Exploit

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

Configuration 2 (hide)

cpe:2.3:a:gnu:mailman:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:28

Type	Values Removed	Values Added
References	~~() http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154911.html -~~	() http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154911.html -
References	~~() http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156742.html -~~	() http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156742.html -
References	~~() http://rhn.redhat.com/errata/RHSA-2015-1153.html -~~	() http://rhn.redhat.com/errata/RHSA-2015-1153.html -
References	~~() http://rhn.redhat.com/errata/RHSA-2015-1417.html -~~	() http://rhn.redhat.com/errata/RHSA-2015-1417.html -
References	~~() http://www.debian.org/security/2015/dsa-3214 -~~	() http://www.debian.org/security/2015/dsa-3214 -
References	~~() http://www.securityfocus.com/bid/73922 -~~	() http://www.securityfocus.com/bid/73922 -
References	~~() http://www.securitytracker.com/id/1032033 -~~	() http://www.securitytracker.com/id/1032033 -
References	~~() http://www.ubuntu.com/usn/USN-2558-1 -~~	() http://www.ubuntu.com/usn/USN-2558-1 -
References	~~() https://bugs.launchpad.net/mailman/+bug/1437145 -~~	() https://bugs.launchpad.net/mailman/+bug/1437145 -
References	~~() https://mail.python.org/pipermail/mailman-announce/2015-March/000209.html -~~	() https://mail.python.org/pipermail/mailman-announce/2015-March/000209.html -
References	~~() https://mail.python.org/pipermail/mailman-developers/2015-March/024871.html - Vendor Advisory~~	() https://mail.python.org/pipermail/mailman-developers/2015-March/024871.html - Vendor Advisory
References	~~() https://mail.python.org/pipermail/mailman-developers/2015-March/024875.html - Exploit~~	() https://mail.python.org/pipermail/mailman-developers/2015-March/024875.html - Exploit

Information

Published : 2015-04-13 14:59

Updated : 2024-11-21 02:28

NVD link : CVE-2015-2775

Mitre link : CVE-2015-2775

CVE.ORG link : CVE-2015-2775

JSON object : View

Products Affected

gnu

mailman

canonical

ubuntu_linux

debian

debian_linux

redhat

enterprise_linux

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

7.6 /10