Description
The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address.
Remediation
References
Related Vulnerabilities
MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2009-4030)
phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-9860)
ProjectSend Improper Privilege Management Vulnerability (CVE-2020-28874)
WordPress Plugin Elementor Website Builder Multiple Vulnerabilities (3.16.4)