Description

Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.

Remediation

References

CVE-2002-0389

Related Vulnerabilities

Moodle CVE-2025-67856 Vulnerability (CVE-2025-67856)

LimeSurvey CVE-2009-1604 Vulnerability (CVE-2009-1604)

XWiki CVE-2007-4898 Vulnerability (CVE-2007-4898)

Drupal Core 8.x.x Denial of Service (8.0.0 - 8.6.18)

Jetty Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-28163)

Severity

Low

Classification

CVE-2002-0389

Tags

Missing Update Known Vulnerabilities