CVE Vulnerabilities

CVE-2004-1143

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.

Affected Software

Name Vendor Start Version End Version
Mailman Gnu 1.0 (including) 1.0 (including)
Mailman Gnu 1.1 (including) 1.1 (including)
Mailman Gnu 2.0 (including) 2.0 (including)
Mailman Gnu 2.0-beta3 (including) 2.0-beta3 (including)
Mailman Gnu 2.0-beta4 (including) 2.0-beta4 (including)
Mailman Gnu 2.0-beta5 (including) 2.0-beta5 (including)
Mailman Gnu 2.0.1 (including) 2.0.1 (including)
Mailman Gnu 2.0.2 (including) 2.0.2 (including)
Mailman Gnu 2.0.3 (including) 2.0.3 (including)
Mailman Gnu 2.0.4 (including) 2.0.4 (including)
Mailman Gnu 2.0.5 (including) 2.0.5 (including)
Mailman Gnu 2.0.6 (including) 2.0.6 (including)
Mailman Gnu 2.0.7 (including) 2.0.7 (including)
Mailman Gnu 2.0.8 (including) 2.0.8 (including)
Mailman Gnu 2.0.9 (including) 2.0.9 (including)
Mailman Gnu 2.0.10 (including) 2.0.10 (including)
Mailman Gnu 2.0.11 (including) 2.0.11 (including)
Mailman Gnu 2.0.12 (including) 2.0.12 (including)
Mailman Gnu 2.0.13 (including) 2.0.13 (including)
Mailman Gnu 2.1 (including) 2.1 (including)
Mailman Gnu 2.1.1 (including) 2.1.1 (including)
Mailman Gnu 2.1.2 (including) 2.1.2 (including)
Mailman Gnu 2.1.3 (including) 2.1.3 (including)
Mailman Gnu 2.1.4 (including) 2.1.4 (including)
Mailman Gnu 2.1b1 (including) 2.1b1 (including)
Mailman Ubuntu dapper *
Mailman Ubuntu devel *
Mailman Ubuntu edgy *
Mailman Ubuntu feisty *

References