Vulnerability Details CVE-2002-0417
Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the ALTERNATE_TEMPLATES parameter for various mmstdo*.cgi programs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://online.securityfocus.com/archive/1/259730
- http://www.endymion.com/products/mailman/history.htm
- http://www.iss.net/security_center/static/8357.php
- http://www.securityfocus.com/bid/4222
- http://online.securityfocus.com/archive/1/259730
- http://www.endymion.com/products/mailman/history.htm
- http://www.iss.net/security_center/static/8357.php
- http://www.securityfocus.com/bid/4222
Products affected by CVE-2002-0417
-
cpe:2.3:a:endymion:mailman_webmail:3.0
-
cpe:2.3:a:endymion:mailman_webmail:3.0.1
-
cpe:2.3:a:endymion:mailman_webmail:3.0.10
-
cpe:2.3:a:endymion:mailman_webmail:3.0.11
-
cpe:2.3:a:endymion:mailman_webmail:3.0.12
-
cpe:2.3:a:endymion:mailman_webmail:3.0.13
-
cpe:2.3:a:endymion:mailman_webmail:3.0.14
-
cpe:2.3:a:endymion:mailman_webmail:3.0.15
-
cpe:2.3:a:endymion:mailman_webmail:3.0.16
-
cpe:2.3:a:endymion:mailman_webmail:3.0.18
-
cpe:2.3:a:endymion:mailman_webmail:3.0.19
-
cpe:2.3:a:endymion:mailman_webmail:3.0.2
-
cpe:2.3:a:endymion:mailman_webmail:3.0.20
-
cpe:2.3:a:endymion:mailman_webmail:3.0.21
-
cpe:2.3:a:endymion:mailman_webmail:3.0.22
-
cpe:2.3:a:endymion:mailman_webmail:3.0.23
-
cpe:2.3:a:endymion:mailman_webmail:3.0.24
-
cpe:2.3:a:endymion:mailman_webmail:3.0.26
-
cpe:2.3:a:endymion:mailman_webmail:3.0.27
-
cpe:2.3:a:endymion:mailman_webmail:3.0.28
-
cpe:2.3:a:endymion:mailman_webmail:3.0.29
-
cpe:2.3:a:endymion:mailman_webmail:3.0.30
-
cpe:2.3:a:endymion:mailman_webmail:3.0.31
-
cpe:2.3:a:endymion:mailman_webmail:3.0.32
-
cpe:2.3:a:endymion:mailman_webmail:3.0.33
-
cpe:2.3:a:endymion:mailman_webmail:3.0.34
-
cpe:2.3:a:endymion:mailman_webmail:3.0.35
-
cpe:2.3:a:endymion:mailman_webmail:3.0.4
-
cpe:2.3:a:endymion:mailman_webmail:3.0.6
-
cpe:2.3:a:endymion:mailman_webmail:3.0.7
-
cpe:2.3:a:endymion:mailman_webmail:3.0.8