FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

sympa -- Multiple Security Bypass Vulnerabilities

Affected packages
sympa < 6.1.11

Details

VuXML ID 78c39232-a345-11e1-9d81-d0df9acfd7e5
Discovery 2012-05-14
Entry 2012-05-21

Secunia team reports:

Multiple vulnerabilities have been reported in Sympa, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerabilities are caused due to the application allowing access to archive functions without checking credentials. This can be exploited to create, download, and delete an archive.

References

CVE Name CVE-2012-2352
URL http://secunia.com/advisories/49045/