Arbitrary text injection vulnerability in Mailman CGIs

Bug #1780874 reported by Mark Sapiro
This bug affects 1 person
Affects Status Importance Assigned to Milestone
GNU Mailman
Fix Released
Mark Sapiro

Bug Description

A URL with a very long text listname such as

will echo the text in the "No such list" error response. This can be used to make a potential victim think the phishing text comes from a trusted site.

This issue was discovered by Hammad Qureshi <email address hidden>.

Related branches

CVE References

Revision history for this message
Mark Sapiro (msapiro) wrote :

This patch mitigates the content spoofing vulnerability by truncating long list names.

information type: Private Security → Public
Mark Sapiro (msapiro)
Changed in mailman:
status: In Progress → Fix Released
Mark Sapiro (msapiro)
description: updated
Revision history for this message
Mark Sapiro (msapiro) wrote :

The prior patch was wrong. It has been removed. This patch is good.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers