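Vulnerability Details
GNU Mailman Attachment Scrubber Malformed MIME Message Denial of Service Vulnerability
Vulnerability Summary
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when used with version 2.5 of the Python library email module, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message that has two blank lines between the first boundary and the end boundary.
Vulnerability Advisory
The vendor has released an upgrade patch that fixes this security issue. Patch download links: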
GNU Mailman 1.0
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 1.1
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0 beta3
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0 beta4
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0 .1
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0 .7
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0 .5
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0 .3
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0 .6
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0 .2
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0 beta5
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0 .8
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.1
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.10
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.11
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.12
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.13
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.14
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.2
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.3
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.4
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.4
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.5
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.6
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.7
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.8
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.0.9
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.1
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.1.1
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.1.10 b1
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.1.2
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.1.3
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
GNU Mailman 2.1.4
GNU mailman-2.1.6.tgz
http://prdownloads.sourceforge.net/mailman/mailman-2.1.6.tgz?download
Mandriva mailman-2.1.4-2.6.C30mdk.i586.rpm
Corporate 3.0:
http://www.mandriva.com/en/download
Mandri
References
Source: BID
Name: 17311
Link: http://www.securityfocus.com/bid/17311
Source: bugs.debian.org
Link: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358892
Source: MANDRIVA
Name: MDKSA-2006:061
Link: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:061
Source: UBUNTU
Name: USN-267-1
Link: http://www.ubuntulinux.org/support/documentation/usn/usn-267-1
Source: REDHAT
Name: RHSA-2006:0486
Link: http://www.redhat.com/support/errata/RHSA-2006-0486.html
Source: OSVDB
Name: 24367
Link: http://www.osvdb.org/24367
Source: SUSE
Name: SUSE-SR:2006:008
Link: http://www.novell.com/linux/security/advisories/2006_08_sr.html
Source: MANDRIVA
Name: MDKSA-2006:061
Link: http://www.mandriva.com/security/advisories?name=MDKSA-2006:061
Source: DEBIAN
Name: DSA-1027
Link: http://www.debian.org/security/2006/dsa-1027
Source: SECTRACK
Name: 1015851
Link: http://securitytracker.com/id?1015851
Source: SECUNIA
Name: 20782
Link: http://secunia.com/advisories/20782
Source: SECUNIA
Name: 20624
Link: http://secunia.com/advisories/20624
Source: SECUNIA
Name: 19571
Link: http://secunia.com/advisories/19571
Source: SECUNIA
Name: 19545
Link: http://secunia.com/advisories/19545
Source: SECUNIA
Name: 19522
Link: http://secunia.com/advisories/19522
Source: SGI
Name: 20060602-01-U
Link: ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
Affected Entities
- Gnu Mailman:2.1.5
- Gnu Mailman:2.1b1
- Gnu Mailman:2.0:Beta3
- Gnu Mailman:2.0:Beta4
- Gnu Mailman:2.0:Beta5
Patch
None available