Debian Security Advisory DSA 088-1 (fml) Network Vulnerability

Summary

The remote host is missing an update to fml announced via advisory DSA 088-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20088-1

Insight

The fml (a mailing list package) as distributed in Debian GNU/Linux 2.2 suffers from a cross-site scripting problem. When generating index pages for list archives the `<' and `>' characters were not properly escaped for subjects. This has been fixed in version 3.0+beta.20000106-5, and we recommend that you upgrade your fml package to that version. Upgrading will automatically regenerate the index pages.

Severity

Classification

CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Debian Security Advisory DSA 1062-1 (kphone)
Debian Security Advisory DSA 1119-1 (hiki)
Debian Security Advisory DSA 086-1 (ssh-nonfree, ssh-socks)
Debian Security Advisory DSA 1064-1 (cscope)
Debian Security Advisory DSA 1111-2 (kernel-source-2.6.8 et. al.)

Take action and discover your vulnerabilities