CVE-2006-4624

Currently unrated

Key Information:

Vendor: Gnu
Status: Mailman
Vendor: CVE Published:; 7 September 2006

Summary

CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI.

References

http://www.vupen.com/english/advisories/2006/3446

vdb-entryx_refsource_VUPEN

http://www.debian.org/security/2006/dsa-1188

vendor-advisoryx_refsource_DEBIAN

http://mail.python.org/pipermail/mailman-announce/2006-Se...

mailing-listx_refsource_MLIST

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 7, 2006
Vulnerability Reserved
Sep 7, 2006