VULHUB ™

Mailman Free is a web based mailing list management package implemented in Perl. It may safely be assumed to run under Linux and most Unix derived operating systems. Mailman passes user supplied input to an open() command, allowing remote attackers to execute arbitrary commands as the user nobody. Exploitation of this vulnerability may lead to local access. It is possible Mailman Pro and earlier verisons of the product share this vulnerability, although this has not been confirmed.

Mailman Free is a web based mailing list management package implemented in Perl. It may safely be assumed to run under Linux and most Unix derived operating systems. Mailman passes user supplied input to an open() command, allowing remote attackers to execute arbitrary commands as the user nobody. Exploitation of this vulnerability may lead to local access. It is possible Mailman Pro and earlier verisons of the product share this vulnerability, although this has not been confirmed.