Arbitrary text injection vulnerability in Mailman CGIs

Bug #1780874 reported by Mark Sapiro
This bug affects 1 person
Affects Status Importance Assigned to Milestone
GNU Mailman
Fix Released
Mark Sapiro

Bug Description

A URL with a very long text listname such as

will echo the text in the "No such list" error response. This can be used to make a potential victim think the phishing text comes from a trusted site.

This issue was discovered by Hammad Qureshi <email address hidden>.

Related branches

CVE References

Revision history for this message
Mark Sapiro (msapiro) wrote :

This patch mitigates the content spoofing vulnerability by truncating long list names.

information type: Private Security → Public
Mark Sapiro (msapiro)
Changed in mailman:
status: In Progress → Fix Released
Mark Sapiro (msapiro)
description: updated
Revision history for this message
Mark Sapiro (msapiro) wrote :

The prior patch was wrong. It has been removed. This patch is good.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.