vulnerability

Debian: CVE-2018-1000550: sympa -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Jun 26, 2018	Sep 6, 2018	Mar 30, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Jun 26, 2018

Added

Sep 6, 2018

Modified

Mar 30, 2026

Description

The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. This attack appear to be exploitable via HTTP GET/POST request. This vulnerability appears to have been fixed in 6.2.32.

Solution

debian-upgrade-sympa

References

CVE-2018-100055
https://attackerkb.com/topics/CVE-2018-100055
CWE-22
DEBIAN-DSA-4285
EUVD-EUVD-2018-1939
https://euvd.enisa.europa.eu/vulnerability/EUVD-2018-1939

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report