CVE Vulnerabilities

CVE-2001-0021

Published: Feb 16, 2001 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate_template parameter.

Affected Software

Name Vendor Start Version End Version
Mailman_webmail Endymion 3.0.12 3.0.12
Mailman_webmail Endymion 3.0.24 3.0.24
Mailman_webmail Endymion 3.0.13 3.0.13
Mailman_webmail Endymion 3.0.11 3.0.11
Mailman_webmail Endymion 3.0.20 3.0.20
Mailman_webmail Endymion 3.0.19 3.0.19
Mailman_webmail Endymion 3.0.14 3.0.14
Mailman_webmail Endymion 3.0.16 3.0.16
Mailman_webmail Endymion 3.0.18 3.0.18
Mailman_webmail Endymion 3.0.1 3.0.1
Mailman_webmail Endymion 3.0 3.0
Mailman_webmail Endymion 3.0.23 3.0.23
Mailman_webmail Endymion 3.0.21 3.0.21
Mailman_webmail Endymion 3.0.15 3.0.15
Mailman_webmail Endymion 3.0.25 3.0.25
Mailman_webmail Endymion 3.0.22 3.0.22
Mailman_webmail Endymion 3.0.10 3.0.10

References