25 Okt
2021
25 Okt
'21
12:11
Hallo zusammen,
sofern nicht selber schon gesehen/-lesen hier [0] FYI
"Mailman 2.1 security release"
CVE-2021-42096 could allow a list member to discover the list admin password.
CVE-2021-42097 could allow a list member to create a successful CSRF attack against another list member enabling takeover of the members account.
VG
Bernd
[0] https://mail.python.org/archives/list/mailman-announce@python.org/thread/IKC...
--
Bernd Kohler
IT Center
Abteilung: Netze
RWTH Aachen University
Wendlingweg 10
52074 Aachen
Tel: +49 241 80-29793
Fax: +49 241 80-22666
kohler@itc.rwth-aachen.de
www.itc.rwth-aachen.de
Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ
922
Tage inaktiv
922
Tage alt
rwth-security@lists.rwth-aachen.de
0 comments
participants
Teilnehmer (1)
-
Bernd Kohler