mailman-2.1.15-30.el7.2
Errata ID: AXSA:2021-2576:01
Mailman is a program used to help manage e-mail discussion lists.
Security Fix(es):
* mailman: CSRF token bypass allows CSRF attacks and account takeover (CVE-2021-42097)
* mailman: CSRF token bypass allows CSRF attacks and admin takeover (CVE-2021-44227)
* mailman: CSRF protection missing in the user options page (CVE-2016-6893)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2016-6893
Cross-site request forgery (CSRF) vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that modify an option, as demonstrated by gaining access to the credentials of a victim's account.
CVE-2021-42097
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover).
CVE-2021-44227
In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.
Update packages.
N/A
SRPMS
- mailman-2.1.15-30.el7.2.src.rpm
MD5: 02782b5e3b206b8cbbb39089a166ec35
SHA-256: 2343c9ad0bef5dda15bb8826cd9ffe6ce6d4473f7321fe1a27888890853cf889
Size: 8.19 MB
Asianux Server 7 for x86_64
- mailman-2.1.15-30.el7.2.x86_64.rpm
MD5: 52c20b8e67987bab846892723d646b28
SHA-256: 1fc04a62f71edc98efaeba3364e7e2612ddb1bc8da924953adb4ba1176da45db
Size: 5.41 MB