Your submission was sent successfully! Close

CVE-2006-4624

Published: 7 September 2006

CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI.

Priority

Unknown

Status

Package Release Status
mailman
Launchpad, Ubuntu, Debian
dapper
Released (2.1.5-9ubuntu4.1)
edgy
Released (2.1.8-2ubuntu2)
feisty
Released (2.1.8-2ubuntu2)
gutsy
Released (2.1.8-2ubuntu2)
upstream Needs triage