CVE-2005-0080

Sažetak

The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=285839
http://marc.info/?l=bugtraq&m=110549296126351&w=2
http://qa.debian.org/bts-security.html

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

18-10-2016 - 03:07

Objavljeno

02-05-2005 - 04:00