Bug 187420 - CVE-2006-0052 Mailman DoS
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: mailman
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Assigned To: Harald Hoyer
Keywords: Security
Blocks: 193843
Reported: 2006-03-30 15:24 EST by Josh Bressers
Modified: 2007-11-30 17:07 EST (History)
Fixed In Version: RHSA-2006-0486
Doc Type: Bug Fix
Last Closed: 2006-06-14 08:18:06 EDT
Description Josh Bressers 2006-03-30 15:24:17 EST
Mailman DoS

It is possible to prevent a mailing list from functioning properly by
sending a misformed multipart message to a mailman list.  This
malformed message would prevent new messages sent to a list from being

Fixed in 2.1.6

Here is the original message:

Here is the patch:

CVE-2006-0052 Doesn't affect: FC5 (version)

This issue also affects RHEL3
Comment 1 Peter Bieringer 2006-04-28 07:31:45 EDT
No new package for RHEL after a month?
BTW: should a security related bug not get a dedicated mark?
Comment 2 Peter Bieringer 2006-04-28 07:36:29 EDT
Oops, there must be a problem in bugzilla. Like currently seen in
 Keywords: Security

before I was able to submit my comment, I had to remove this keyword, before I
could not submit it (get a red message like "can't change keywords from none to

But after submission, following occurs:

bugzilla@redhat.com changed:

           What    |Removed                     |Added
           Severity|security                    |normal
           Keywords|                            |Security

Looks like this change was caused by an internal process of bugzilla (and not my
intention); severity should surely stay "security".
Comment 3 Harald Hoyer 2006-05-09 07:44:43 EDT
Comment 6 Harald Hoyer 2006-06-14 08:18:06 EDT
------- Additional Comments From bugzilla@redhat.com  2006-06-09 11:01 EST -------

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

