Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2002-0389 at MITRE


Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.
CVSS v2 Scores
  National Vulnerability Database
Base Score 2.11
Vector AV:L/AC:L/Au:N/C:P/I:N/A:N
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None

SUSE information

SUSE Bugzilla entries: 418589 [RESOLVED / WONTFIX], 697638 [CLOSED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.4
  • mailman >= 2.1.14-4.12.1
  • mailman-debuginfo >= 2.1.14-4.12.1
  • mailman-debugsource >= 2.1.14-4.12.1