Hello,

This isn't a major threat or anything, but this product does allow cross-site scripting. From the list of sites below, given as examples, you get an idea of just how popular this product is.

http://www1.dshield.org/mailman/listinfo/<img%20src=javascript:alert(document.domain)>
http://mail.gnu.org/mailman/listinfo/<img%20src=javascript:alert(document.domain)>
http://lists.bell-labs.com/mailman/listinfo/<img%20src=javascript:alert(document.domain)>
http://mail.gnome.org/mailman/listinfo/<img%20src=javascript:alert(document.domain)>
http://www.lists.apple.com/mailman/listinfo/<img%20src=javascript:alert(document.domain)>

Patching information is included within the advisory.

- zeno

PS: the advisory can also be located at http://www.cgisecurity.org/advisory/7.txt

[ Cgi Security Advisory #7 ] admin@cgisecurity.com

Mailman Email Archiver Cross Site Scripting Hole

Found: November 2001
Public Release: Sometime in November 2001
Vendor Contacted: November 2001
Scripts Affected: Mailman Email Archiver
Price: Free
Versions: All versions appear to be affected
Platforms: Unix, Linux, Other?
Vendor: http://sourceforge.net/projects/mailman

1. Problem

This product is affected by a cross-site scripting hole, which may allow an attacker to trick a user into thinking something the attacker wrote actually came from the affected site. This involves some social engineering to a point, but could possibly allow gathering of user information and other types of fraud.

http://host/mailman/listinfo/<img%20src=javascript:alert(document.domain)>

This will gladly show you a pop-up JavaScript box.

2. Fixes

The vendor has been notified of the problem. Upgrade to version 2.0.8 in order to fix this problem.

TarBalls: http://sourceforge.net/project/showfiles.php?group_id=103

Published to the Public: November 2001
Copyright November 2001 Cgisecurity.com
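To illustrate the root cause described in section 1 (the list name taken from the listinfo URL is echoed into the HTML response unescaped), here is an added example that is not Mailman's own code: a minimal listinfo-style handler rendering an "unknown list" message in the vulnerable way and in a hardened way. The "No such list" wording, the list-name character rule and the helper names are assumptions made for this example.

```python
import html
import re
from urllib.parse import unquote

# Constructed sample request path, modelled on the advisory's URL (still percent-encoded).
SAMPLE_PATH = "/mailman/listinfo/<img%20src=javascript:alert(document.domain)>"

# Assumed rule for valid list names (Mailman's real rule may differ): lowercase
# alphanumerics plus a few punctuation characters, nothing that can form markup.
LISTNAME_RE = re.compile(r"^[a-z0-9._-]{1,64}$")


def list_name_from_path(path):
    """Return the URL-decoded list-name segment after /mailman/listinfo/."""
    prefix = "/mailman/listinfo/"
    if not path.startswith(prefix):
        raise ValueError("not a listinfo request")
    return unquote(path[len(prefix):])


def render_unknown_list_vulnerable(listname):
    # Interpolates the request value straight into HTML: a supplied <img> tag
    # becomes real markup in the response, which is the bug the advisory reports.
    return "<p>No such list <em>%s</em></p>" % listname


def render_unknown_list_fixed(listname):
    # Output encoding: the same characters are shown as text, not parsed as a tag.
    return "<p>No such list <em>%s</em></p>" % html.escape(listname, quote=True)


def is_valid_listname(listname):
    # Input validation as a second layer: reject anything outside the assumed
    # list-name alphabet before it reaches any template at all.
    return LISTNAME_RE.fullmatch(listname) is not None


def contains_tag(rendered, tag="<img"):
    """True if the rendered HTML still contains a live tag of the given name."""
    return tag in rendered
```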