Description

Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.

Remediation

References

CVE-2002-0389

Related Vulnerabilities

WordPress Plugin Easy Digital Downloads-htaccess Editor Cross-Site Scripting (1.0.0)

WordPress Plugin NextCellent Gallery-NextGEN Legacy Cross-Site Scripting (1.9.27)

Ruby Improper Input Validation Vulnerability (CVE-2017-6181)

ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22871)

Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3376)

Severity

Low

Classification

CVE-2002-0389

Tags

Missing Update Known Vulnerabilities