The default permissions for Endymion MailMan allow local users to read email or modify files.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| endymion | mailman_webmail | 3.0.18 |
MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate_template parameter.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| endymion | mailman_webmail | 3.0.16 |
| endymion | mailman_webmail | 3.0.1 |
| endymion | mailman_webmail | 3.0.20 |
| endymion | mailman_webmail | 3.0.25 |
| endymion | mailman_webmail | 3.0.14 |
| endymion | mailman_webmail | 3.0.13 |
| endymion | mailman_webmail | 3.0.24 |
| endymion | mailman_webmail | 3.0.23 |
| endymion | mailman_webmail | 3.0 |
| endymion | mailman_webmail | 3.0.12 |
| endymion | mailman_webmail | 3.0.21 |
| endymion | mailman_webmail | 3.0.11 |
| endymion | mailman_webmail | 3.0.19 |
| endymion | mailman_webmail | 3.0.22 |
| endymion | mailman_webmail | 3.0.18 |
| endymion | mailman_webmail | 3.0.10 |
| endymion | mailman_webmail | 3.0.15 |
Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the ALTERNATE_TEMPLATES parameter for various mmstdo*.cgi programs.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| endymion | mailman_webmail | 3.0.16 |
| endymion | mailman_webmail | 3.0.20 |
| endymion | mailman_webmail | 3.0.14 |
| endymion | mailman_webmail | 3.0.13 |
| endymion | mailman_webmail | 3.0.24 |
| endymion | mailman_webmail | 3.0.23 |
| endymion | mailman_webmail | 3.0.12 |
| endymion | mailman_webmail | 3.0.21 |
| endymion | mailman_webmail | 3.0.6 |
| endymion | mailman_webmail | 3.0.33 |
| endymion | mailman_webmail | 3.0.11 |
| endymion | mailman_webmail | 3.0.19 |
| endymion | mailman_webmail | 3.0.22 |
| endymion | mailman_webmail | 3.0.29 |
| endymion | mailman_webmail | 3.0.7 |
| endymion | mailman_webmail | 3.0.10 |
| endymion | mailman_webmail | 3.0.34 |
| endymion | mailman_webmail | 3.0.4 |
| endymion | mailman_webmail | 3.0.15 |
| endymion | mailman_webmail | 3.0.28 |
| endymion | mailman_webmail | 3.0.8 |
| endymion | mailman_webmail | 3.0.30 |
| endymion | mailman_webmail | 3.0.32 |
| endymion | mailman_webmail | 3.0.1 |
| endymion | mailman_webmail | 3.0.35 |
| endymion | mailman_webmail | 3.0.26 |
| endymion | mailman_webmail | 3.0 |
| endymion | mailman_webmail | 3.0.2 |
| endymion | mailman_webmail | 3.0.18 |
| endymion | mailman_webmail | 3.0.31 |
| endymion | mailman_webmail | 3.0.27 |
Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the param_name parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| endymion | sake_mail | 1.0.30 |
| endymion | sake_mail | 1.0.23 |
| endymion | sake_mail | 1.0.35 |
| endymion | sake_mail | 1.0.26 |
| endymion | sake_mail | 1.0.27 |
| endymion | sake_mail | 1.0.31 |
| endymion | sake_mail | 1.0.20 |
| endymion | sake_mail | 1.0.29 |
| endymion | sake_mail | 1.0.33 |
| endymion | sake_mail | 1.0.34 |
| endymion | sake_mail | 1.0.21 |
| endymion | sake_mail | 1.0.24 |
| endymion | sake_mail | 1.0.22 |
| endymion | sake_mail | 1.0.28 |
| endymion | sake_mail | 1.0.36 |