NVD

Id
63257  
Name
CVE-2006-4624  
Description
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI.  
Reject
 
CVSS Version
2  
CVSS Score
2.6  
Severity
Low  
CVSS Base Score
2.6  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:N/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-09-07  
Modified Date
2011-03-07  
Seq
2006-4624  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
329599 63257 CVE-2006-4624 [Mailman-Announce] 20060913 RELEASED: Mailman 2.1.9  View
329600 63257 CVE-2006-4624 http://moritz-naumann.com/adv/0013/mailmanmulti/0013.txt  View
329601 63257 CVE-2006-4624 oval:org.mitre.oval:def:9756  View
329602 63257 CVE-2006-4624 GLSA-200609-12  View
329603 63257 CVE-2006-4624 http://sourceforge.net/project/shownotes.php?group_id=103&release_id=444295  View
329604 63257 CVE-2006-4624 http://svn.sourceforge.net/viewvc/mailman/trunk/mailman/Mailman/Utils.py?r1=7859&r2=7923  View
329605 63257 CVE-2006-4624 DSA-1188  View
329606 63257 CVE-2006-4624 MDKSA-2006:165  View
329607 63257 CVE-2006-4624 SUSE-SR:2006:025  View
329608 63257 CVE-2006-4624 RHSA-2007:0779  View
329609 63257 CVE-2006-4624 20060913 Mailman 2.1.8 Multiple Security Issues  View
329610 63257 CVE-2006-4624 19831  View
329611 63257 CVE-2006-4624 20021  View
329612 63257 CVE-2006-4624 ADV-2006-3446  View
329613 63257 CVE-2006-4624 mailman-admin-spoofing(28734)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
58715 JVNDB-2006-000981 Mailman の Utils.py における CRLF インジェクションの脆弱性 Mailman には Utils.py において、URI 中の改行 (CRLF) 文字列の取り扱いに不備があり、CRLF インジェクションの脆弱性が存在します。 CVE-2006-4624 20726 CVE-2006-4624 63257 2.6 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000981.html 2006-09-07 2007-12-07 View