GEN:SID | 1:3131 |
Message | WEB-CGI mailman directory traversal attempt |
Summary | This event is generated when an attempt is made to exploit a known vulnerability in GNU Mailman.
|
Impact | Information disclosure.
|
Detailed Information | GNU Mailman is used to manage mailing lists. It is written in Python and is available on a variety of platforms.
GNU Mailman when used with webservers that do not remove extra slashes from URLs, is prone to a directory traversal attack that may allow an attacker access to sensitive files on an affected system.
|
Affected Systems | GNU Mailman in conjunction with Apache 1.3.x
|
Attack Scenarios | An attacker can supply extra slashes and dots (....///) to a URL to escape the web root and access other parts of the host filesystem.
|
Ease of Attack | Simple. Exploit software is not required.
|
Corrective Action | Apply the appropriate vendor supplied patches.
|
Additional References | |
Rule References | cve: 2005-0202
|