[ MDVSA-2015:051 ] sympa

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:051
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : sympa
 Date    : March 3, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated sympa packages fix security vulnerability:
 
 A vulnerability have been discovered in Sympa web interface that
 allows access to files on the server filesystem. This breach allows
 to send to a list or a user any file readable by the Sympa user,
 located on the server filesystem, using the Sympa web interface
 newsletter posting area (CVE-2015-1306).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1306
 http://advisories.mageia.or

007 Software

[ MDVSA-2015:051 ] sympa

Leave a Reply Cancel reply

Software and Security Information