Arbitrary text injection vulnerability in Mailman CGIs
Bug #1780874 reported by
Mark Sapiro
on 2018-07-09
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| GNU Mailman |
Low
|
Mark Sapiro |
Bug Description
A URL with a very long text listname such as
http://
will echo the text in the "No such list" error response. This can be used to make a potential victim think the phishing text comes from a trusted site.
This issue was discovered by Hammad Qureshi <email address hidden>.
Related branches
CVE References
Mark Sapiro (msapiro)
on 2018-07-23
Changed in mailman: | |
status: | In Progress → Fix Released |
Mark Sapiro (msapiro)
on 2018-07-23
description: | updated |
Mark Sapiro (msapiro) wrote : | #2 |
The prior patch was wrong. It has been removed. This patch is good.
To post a comment you must log in.
This patch mitigates the content spoofing vulnerability by truncating long list names.