vulnerability

Debian: CVE-2018-1000550: sympa -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	06/26/2018	09/06/2018	02/18/2020

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

06/26/2018

Added

09/06/2018

Modified

02/18/2020

Description

The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. This attack appear to be exploitable via HTTP GET/POST request. This vulnerability appears to have been fixed in 6.2.32.

Solution

debian-upgrade-sympa

References

CVE-2018-100055
https://attackerkb.com/topics/CVE-2018-100055
DEBIAN-DSA-4285

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today