Vulnerability CVE-2021-42097: Information
Description
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover).
Severity: HIGH (8.0) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
mailman | sisyphus | 2.1.35-alt1 | 2.1.39-alt1 | ALT-PU-2021-3235-1 | 289090 | Fixed |
mailman | sisyphus_e2k | 2.1.39-alt1 | 2.1.39-alt1 | ALT-PU-2022-3551-1 | - | Fixed |
mailman | p10 | 2.1.37-alt1 | 2.1.38-alt1 | ALT-PU-2021-3277-1 | 289142 | Fixed |
mailman | p9 | 2.1.37-alt1 | 2.1.37-alt1 | ALT-PU-2021-3299-1 | 289143 | Fixed |
mailman | c10f1 | 2.1.37-alt1 | 2.1.38-alt1 | ALT-PU-2021-3277-1 | 289142 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://bugs.launchpad.net/mailman/+bug/1947640 | |
[oss-security] 20211021 Mailman 2.1.35 security release | |
DSA-4991 | |
https://mail.python.org/archives/list/mailman-announce%40python.org/thread/IKCO6JU755AP5G5TKMBJL6IEZQTTNPDQ/ | |