Description
Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when the site or list password is empty, because the empty password is not properly handled in the call to the crypt function during authentication.
Remediation
References