Test ID:	1.3.6.1.4.1.25623.1.0.50334
Category:	Fedora Local Security Checks
Title:	Fedora Core 1 FEDORA-2004-167 (mailman)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to mailman announced via advisory FEDORA-2004-167. Mailman subscriber passwords could be retrieved by a remote attacker. Security hole is fixed in mailman-2.1.5 Important Installation Note: Some users have reported problems with bad queue counts after upgrading to version 2.1.5, the operating assumption is this was caused by performing an install while mailman was running. Prior to installing this rpm stop the mailman service via: % /sbin/service mailman stop Then after installation completes restart the service via: % /sbin/service mailman start Solution: Apply the appropriate updates. http://www.fedoranews.org/updates/FEDORA-2004-167.shtml Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	BugTraq ID: 10412 Common Vulnerability Exposure (CVE) ID: CVE-2004-0412 http://www.securityfocus.com/bid/10412 Conectiva Linux advisory: CLA-2004:842 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842 http://marc.info/?l=bugtraq&m=109034869927955&w=2 http://security.gentoo.org/glsa/glsa-200406-04.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:051 http://mail.python.org/pipermail/mailman-announce/2004-May/000072.html http://secunia.com/advisories/11701 XForce ISS Database: mailman-obtain-password(16256) https://exchange.xforce.ibmcloud.com/vulnerabilities/16256
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.