GEN:SID 1:3131
Message WEB-CGI mailman directory traversal attempt
Summary This event is generated when an attempt is made to exploit a known
vulnerability in GNU Mailman.
Impact Information disclosure.
Detailed Information GNU Mailman is used to manage mailing lists. It is written in Python and
is available on a variety of platforms.

GNU Mailman when used with webservers that do not remove extra slashes
from URLs, is prone to a directory traversal attack that may allow an
attacker access to sensitive files on an affected system.
Affected Systems GNU Mailman in conjunction with Apache 1.3.x
Attack Scenarios An attacker can supply extra slashes and dots (....///) to a URL to
escape the web root and access other parts of the host filesystem.
Ease of Attack Simple. Exploit software is not required.
Corrective Action Apply the appropriate vendor supplied patches.
Additional References  
Rule References cve: 2005-0202