{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-05-11T00:00:00", "descriptions": [{"lang": "en", "value": "The archive management (arc_manage) page in wwsympa/wwsympa.fcgi.in in Sympa before 6.1.11 does not check permissions, which allows remote attackers to list, read, and delete arbitrary list archives via vectors related to the (1) do_arc_manage, (2) do_arc_download, or (3) do_arc_delete functions."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-08-13T09:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://sourcesup.renater.fr/scm/viewvc.php/branches/sympa-6.0-branch/wwsympa/wwsympa.fcgi.in?root=sympa&r1=6706&r2=7358&pathrev=7358"}, {"name": "DSA-2477", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2012/dsa-2477"}, {"name": "[oss-security] 20120512 Re: CVE request: sympa (try again)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/05/12/8"}, {"name": "53503", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/53503"}, {"name": "[oss-security] 20120511 CVE request: sympa (try again)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/05/11/8"}, {"name": "[oss-security] 20120511 Re: CVE request: sympa (try again)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/05/12/2"}, {"name": "81890", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/81890"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.sympa.org/distribution/latest-stable/NEWS"}, {"name": "49045", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/49045"}, {"name": "49237", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/49237"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-2352", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The archive management (arc_manage) page in wwsympa/wwsympa.fcgi.in in Sympa before 6.1.11 does not check permissions, which allows remote attackers to list, read, and delete arbitrary list archives via vectors related to the (1) do_arc_manage, (2) do_arc_download, or (3) do_arc_delete functions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://sourcesup.renater.fr/scm/viewvc.php/branches/sympa-6.0-branch/wwsympa/wwsympa.fcgi.in?root=sympa&r1=6706&r2=7358&pathrev=7358", "refsource": "CONFIRM", "url": "https://sourcesup.renater.fr/scm/viewvc.php/branches/sympa-6.0-branch/wwsympa/wwsympa.fcgi.in?root=sympa&r1=6706&r2=7358&pathrev=7358"}, {"name": "DSA-2477", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2477"}, {"name": "[oss-security] 20120512 Re: CVE request: sympa (try again)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/05/12/8"}, {"name": "53503", "refsource": "BID", "url": "http://www.securityfocus.com/bid/53503"}, {"name": "[oss-security] 20120511 CVE request: sympa (try again)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/05/11/8"}, {"name": "[oss-security] 20120511 Re: CVE request: sympa (try again)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/05/12/2"}, {"name": "81890", "refsource": "OSVDB", "url": "http://www.osvdb.org/81890"}, {"name": "https://www.sympa.org/distribution/latest-stable/NEWS", "refsource": "CONFIRM", "url": "https://www.sympa.org/distribution/latest-stable/NEWS"}, {"name": "49045", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/49045"}, {"name": "49237", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/49237"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:34:25.307Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://sourcesup.renater.fr/scm/viewvc.php/branches/sympa-6.0-branch/wwsympa/wwsympa.fcgi.in?root=sympa&r1=6706&r2=7358&pathrev=7358"}, {"name": "DSA-2477", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2012/dsa-2477"}, {"name": "[oss-security] 20120512 Re: CVE request: sympa (try again)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/05/12/8"}, {"name": "53503", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/53503"}, {"name": "[oss-security] 20120511 CVE request: sympa (try again)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/05/11/8"}, {"name": "[oss-security] 20120511 Re: CVE request: sympa (try again)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/05/12/2"}, {"name": "81890", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/81890"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.sympa.org/distribution/latest-stable/NEWS"}, {"name": "49045", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/49045"}, {"name": "49237", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/49237"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-2352", "datePublished": "2012-05-31T17:00:00", "dateReserved": "2012-04-19T00:00:00", "dateUpdated": "2024-08-06T19:34:25.307Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sympa:sympa:*:*:*:*:*:*:*:*", "matchCriteriaId": "C17B27AC-23E2-434F-9BB7-18AF15939944", "versionEndIncluding": "6.1.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:0.001:*:*:*:*:*:*:*", "matchCriteriaId": "F3208BF5-1B63-4953-8802-7426C8F80AD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:0.002:*:*:*:*:*:*:*", "matchCriteriaId": "D0E6B4F7-D4FA-4318-8759-A1A02A4A0C9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:0.003:*:*:*:*:*:*:*", "matchCriteriaId": "96D2C734-A49E-493E-B5C2-91088F2D85CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:0.004:*:*:*:*:*:*:*", "matchCriteriaId": "56E0BD7B-42BE-480C-9262-CEBCFBB986AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:0.005:*:*:*:*:*:*:*", "matchCriteriaId": "5D4B3903-6668-4506-A781-0A9D9B8BF28F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:0.006:*:*:*:*:*:*:*", "matchCriteriaId": "90ED75CB-779F-48F2-BA15-75D63B0D3096", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:0.007:*:*:*:*:*:*:*", "matchCriteriaId": "D3F1B140-62B0-473A-B6B1-17B4F617D89C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:0.008:*:*:*:*:*:*:*", "matchCriteriaId": "5D1E43F5-532C-4A83-84AA-AF9126CE2CF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:0.009:*:*:*:*:*:*:*", "matchCriteriaId": "4C2BDA2D-43B8-4D2A-8DE4-4C77AAF97947", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:0.010:*:*:*:*:*:*:*", "matchCriteriaId": "724A3C0A-9BC2-4AA6-AE96-F8C55FC48849", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:0.011:*:*:*:*:*:*:*", "matchCriteriaId": "1E68DF4F-2128-4C94-8E22-CD7211516348", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A0C9A23B-C8AF-49D9-9903-7DE02BFDD67D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "029358EB-0364-4D97-B829-85119DFA52BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "074D0A2E-F47E-4F33-A6B7-113AB7F06A10", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A2885638-1FA3-4999-8E41-9D2AD3C05A8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "C31299BE-61F5-4908-B2C1-47292E980329", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.3.1-2:*:*:*:*:*:*:*", "matchCriteriaId": "3C420CC8-44C1-4802-8A95-E600B9AB7081", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "47B1A3C1-8620-4606-A82E-B711DB5BC73B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "C3E6A6F6-2879-4AC3-AEBB-0A0FE1C809EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "EC66B684-8ECB-41AA-B5F9-2B3F8C099C3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.3.4-1:*:*:*:*:*:*:*", "matchCriteriaId": "1CEC4E75-F8F2-4BCA-9743-7FB0B62C2CB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "86ED13ED-1C4A-4A96-9CBC-1CBD37D3C9E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6614D477-FAFA-40DB-AB50-988C9C32C144", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "0F8A8E19-79A6-4F66-8156-B18128E30D95", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.4.2-1:*:*:*:*:*:*:*", "matchCriteriaId": "813952B1-A3EF-4BDD-9D60-60400ADC2F12", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "F5C84691-7FC4-4AB4-9347-CBD35FF4DAD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.2.1b:*:*:*:*:*:*:*", "matchCriteriaId": "CA008F46-8282-45C5-9098-4E5AC4EEA9D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.2.2b:*:*:*:*:*:*:*", "matchCriteriaId": "CB906126-2D66-4148-8F96-DA50CE6998C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.2.3b:*:*:*:*:*:*:*", "matchCriteriaId": "677ED6AF-066D-40B6-835D-6278BC7B417B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "69588B6A-CA26-4AF5-8D58-811EF810886C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "32269B73-089E-43FA-8685-E6FF186C5EA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "8160B236-0410-4789-9B02-4B8128BC791B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "55FACF98-3A75-4428-B761-05C67183367E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.2b:*:*:*:*:*:*:*", "matchCriteriaId": "8C4AFACC-511E-4022-902C-ECCEE24AC292", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.3:beta:*:*:*:*:*:*", "matchCriteriaId": "25E2CF09-112D-43B5-A556-DC21FA59BC11", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5690073-7AA6-4CC1-A4E1-34AB6236061F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "49569B6B-F42F-4C11-84EF-90B29E70AD99", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0031C064-F2A5-42D3-8926-C78618862B2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "457C43C9-D11D-4403-89C8-2231A83FD696", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "59CFB558-6C22-45A8-B902-641B5EE699CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "7B12ECDA-0392-4A96-B3C7-5449131A4454", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "0A5B0A99-4439-4EAD-B5F0-02BE4C0CCC26", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "F68DE2B2-F6BA-4286-A1D9-C03F54EDB784", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "CA964AEF-5B79-49A2-922D-2EEDD8FBCC74", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.5.3b:*:*:*:*:*:*:*", "matchCriteriaId": "12232649-60D4-413B-83A6-BF50767ECE65", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.5.4b:*:*:*:*:*:*:*", "matchCriteriaId": "1659E3A0-BC47-4510-A533-F12EA8E95574", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "D5573757-2E17-4B2D-8F83-415A0CBC2231", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "9277362E-954C-45CA-8FD3-FCB6DF81D9D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "8BBCDF02-2F13-4900-A449-0F624094A8ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "E7B3F8C0-9A20-4A68-B3D7-24188588B8D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0D8D995E-3634-4D70-84F9-D3626267C47B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "63EC9E16-1BF1-4999-B10E-3F3E36069560", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.7a:*:*:*:*:*:*:*", "matchCriteriaId": "122E99D7-7C43-4E84-A00C-640A827373C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.7b.1:*:*:*:*:*:*:*", "matchCriteriaId": "6D35E600-9CD2-49C5-915C-BF3CA783DFAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.7b.2:*:*:*:*:*:*:*", "matchCriteriaId": "2744A6B5-8BC1-45B4-8693-1FDB4FA129B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:2.7b.3:*:*:*:*:*:*:*", "matchCriteriaId": "7813C195-3774-423F-A516-F7A9EE088AA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "88CDE8A4-792B-4D2E-A722-4404D1EC73A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.0a:*:*:*:*:*:*:*", "matchCriteriaId": "3F9AC9AE-1D8D-4979-B01D-DC2C4CF2B346", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.0a.1:*:*:*:*:*:*:*", "matchCriteriaId": "826A12E1-8CEB-4C4C-98A6-BE7983532CB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.0b.4:*:*:*:*:*:*:*", "matchCriteriaId": "2DBC7E6D-12E0-404F-95CA-6ED534B1988C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.0b.8:*:*:*:*:*:*:*", "matchCriteriaId": "ED42E06D-A2A7-4A4D-9F04-C64218F136B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.0b.9:*:*:*:*:*:*:*", "matchCriteriaId": "7D438CB2-B956-46FA-9B8C-A8D88CE4B2C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D7614757-F106-4EEF-8086-00B9D4C813CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A51FCAC6-A1BE-45B6-8319-43ACA7E761A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.1b.7:*:*:*:*:*:*:*", "matchCriteriaId": "534B15A7-1047-4AD1-B4DD-E3D22925CC72", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.1b.8:*:*:*:*:*:*:*", "matchCriteriaId": "EE21D81C-245A-494D-A38E-5DD3D40266BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.1b.9:*:*:*:*:*:*:*", "matchCriteriaId": "E77134DA-7D36-44D2-B9E5-20CCD0F5B9DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.1b.10:*:*:*:*:*:*:*", "matchCriteriaId": "429D2C09-CBBA-45AE-A588-24978052E9F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.1b.12:*:*:*:*:*:*:*", "matchCriteriaId": "70919A0E-E97E-408C-8369-0C484D66BA2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.1b.13:*:*:*:*:*:*:*", "matchCriteriaId": "910EC1FB-C86D-4082-AEE3-816918AFE059", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C8AEF83-C528-47F6-AB5A-EE220F248E75", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "00735DD5-28EB-471E-A752-58758A0DB0C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.2.2a:*:*:*:*:*:*:*", "matchCriteriaId": "2948FC69-B3AF-48AE-A752-5E85D55EE0A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "75180EC6-7333-439E-8349-07E0B7985EF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "08C5B74E-A70C-415F-9158-FD777030C0EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "8DD97291-4C62-465F-8DDB-BD9AB1818C27", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.4b.3:*:*:*:*:*:*:*", "matchCriteriaId": "07D1AE25-96D2-4BDE-A1A8-21BE5442A6D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.4b.4:*:*:*:*:*:*:*", "matchCriteriaId": "AEBC95C6-910E-4F44-9255-4EA439688EB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.4b.5:*:*:*:*:*:*:*", "matchCriteriaId": "7D2C5394-51B5-4068-8C92-681B6CB5D3C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.4b.6:*:*:*:*:*:*:*", "matchCriteriaId": "98AD402F-3EEB-491D-9CD8-E18C55D016BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.4b.7:*:*:*:*:*:*:*", "matchCriteriaId": "5C8DE4F5-86AA-41E5-8058-F59A1D25CEF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.4b.8:*:*:*:*:*:*:*", "matchCriteriaId": "72DC6557-D9BF-47B0-BC67-F6EAC89974B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.4b.9:*:*:*:*:*:*:*", "matchCriteriaId": "B73FAEE4-E1A2-4D71-B8A9-37981D26920A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "BC1891AE-B74E-47E1-B3E8-024E28CA1632", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.6b.1:*:*:*:*:*:*:*", "matchCriteriaId": "12943A0D-5E1E-4842-AD2E-4CE7E2F94640", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.6b.2:*:*:*:*:*:*:*", "matchCriteriaId": "B06E726D-1C76-4E4D-886A-F1763097EBC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.6b.3:*:*:*:*:*:*:*", "matchCriteriaId": "52242171-94E3-4D63-AE73-9BD2F37EECE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.6b.4:*:*:*:*:*:*:*", "matchCriteriaId": "AA439B9D-928C-44BE-BCF5-5D1503979605", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.6b.5:*:*:*:*:*:*:*", "matchCriteriaId": "9776D60D-91F2-4562-AE83-DD695D62016F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3.6b.6:*:*:*:*:*:*:*", "matchCriteriaId": "AF05F122-E643-4648-B464-F2A542A59293", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3b.3:*:*:*:*:*:*:*", "matchCriteriaId": "50B681F5-94E5-4185-9F6D-AD0762B1A690", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.3b.4:*:*:*:*:*:*:*", "matchCriteriaId": "BD8E341C-F4A5-415B-B7C2-81AF7FB0A986", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "F961F141-5B14-4AB2-BEAE-5F0341DFCBBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.0.a1:*:*:*:*:*:*:*", "matchCriteriaId": "EA40B80D-DBAC-49C7-8AB5-918CD2DB0C3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.0.a3:*:*:*:*:*:*:*", "matchCriteriaId": "C621BCEE-887A-4B1B-A048-D3636B9EFFD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.0.a4:*:*:*:*:*:*:*", "matchCriteriaId": "947C74D5-BDD5-4529-AE6A-522CD8903BE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.0.a5:*:*:*:*:*:*:*", "matchCriteriaId": "70FDCE81-C624-425C-B678-935416D5D183", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.0.a6:*:*:*:*:*:*:*", "matchCriteriaId": "509E103D-7D66-4C71-883F-87BFB9134947", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.0.a7:*:*:*:*:*:*:*", "matchCriteriaId": "A46EB3D7-6926-486A-B731-27887F58CF93", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.0.a8:*:*:*:*:*:*:*", "matchCriteriaId": "52551262-2531-430C-A2B9-51F42FCA8FCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.0.a9:*:*:*:*:*:*:*", "matchCriteriaId": "18762458-1469-45F0-B9F2-701602A76C73", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.0.b1:*:*:*:*:*:*:*", "matchCriteriaId": "BD593FAE-71B9-4C04-B183-2A3083FDA276", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.0.b2:*:*:*:*:*:*:*", "matchCriteriaId": "2F6494CE-0E9D-4B56-A09F-C3080B6F6974", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.0.b3:*:*:*:*:*:*:*", "matchCriteriaId": "65583ADB-CB47-4E8B-83C1-5AC24A0A5076", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "A6C16EFE-0F19-4082-8A0A-B8EAD35C2D70", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.2b.1:*:*:*:*:*:*:*", "matchCriteriaId": "2FB797E2-74B9-4EDE-A61A-BAEEF7104660", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:4.2b.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC0B8BCB-0CA5-48AB-AEDE-DFA56E267B16", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "36476C74-E8EC-46B1-A044-1D4EB939795C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.0a:*:*:*:*:*:*:*", "matchCriteriaId": "2C566DEF-E3C0-4FB5-BFB6-D243DAA84DF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.0a.1:*:*:*:*:*:*:*", "matchCriteriaId": "511F87A0-B85D-479E-9BD9-3A301F7E0F15", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.0b:*:*:*:*:*:*:*", "matchCriteriaId": "691C2460-35EF-4E25-A75E-0DBAF0C47B82", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.0b.1:*:*:*:*:*:*:*", "matchCriteriaId": "8B952E38-C0CA-4411-952B-40D53F5E377B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "A6997C75-36E1-41BE-BF29-1A2929917995", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB6A0762-9D17-4591-9C35-0FE241B0E11A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4C62FDF7-898B-4492-9640-40939436CA8D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.2b:*:*:*:*:*:*:*", "matchCriteriaId": "9049087A-4A1C-4538-AA88-F3AFA0134B85", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.2b2:*:*:*:*:*:*:*", "matchCriteriaId": "9ADAB39A-CEF6-427F-AFF3-7D1A22B6B9A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "5947A7FF-4397-4CEB-ABF6-0543FACAC891", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "24FEA9D2-D8DB-45ED-B1EA-810439C110E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.3a.8:*:*:*:*:*:*:*", "matchCriteriaId": "3235F808-1AB4-484E-AD27-7A7D3419B664", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.3a.9:*:*:*:*:*:*:*", "matchCriteriaId": "7DCB5592-4C54-466C-945A-393CF8F7C058", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.3a.10:*:*:*:*:*:*:*", "matchCriteriaId": "26B4AAE7-3B2A-4977-AA9E-8D7201E0154F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.3b.1:*:*:*:*:*:*:*", "matchCriteriaId": "42B7F70E-95E8-4604-A53A-514AC110E604", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.3b.3:*:*:*:*:*:*:*", "matchCriteriaId": "43536723-E89C-4BC6-AD3E-88B614A53D15", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.3b.4:*:*:*:*:*:*:*", "matchCriteriaId": "F7A2F899-15C0-4260-979F-6989056F3A03", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.3b.5:*:*:*:*:*:*:*", "matchCriteriaId": "01A3B273-D793-4F97-B1C1-96DE8B7F6E80", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "52082B40-C619-4389-9403-6DF6610AB721", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C9982EC-F4E7-4154-90CE-A5744B3AF034", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "484B19A0-06CB-4820-AD58-540657C475E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA761279-C483-4C2E-9A9A-EE07E152277C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.4a.2:*:*:*:*:*:*:*", "matchCriteriaId": "C1B9C45A-21C1-4CA6-B65D-730D35070DB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.4a.4:*:*:*:*:*:*:*", "matchCriteriaId": "10022D33-92E5-4F27-A98A-8EE68AF39E2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:5.4b.1:*:*:*:*:*:*:*", "matchCriteriaId": "5A874DDD-ECC0-478C-8029-198B1109215B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D3308CE8-847C-4D6B-BCFC-B860B7D9EAFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D2BB62E4-8207-4344-87CE-FB916E7ECA90", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "304DCEDD-661D-400A-94AB-B0DB20843327", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "05707525-5CD4-49DA-B137-D6F3F793BB40", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "FB1AF942-E11C-4FF2-863E-E1C47D76D485", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "01016580-A947-4DE4-9033-4697CE9AF12A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B5F00F31-CA66-43E8-8FE8-3DE0AC483C6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.0b.1:*:*:*:*:*:*:*", "matchCriteriaId": "F60DB8C7-6D44-480B-A0F3-B7A6220F7F78", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.0b.2:*:*:*:*:*:*:*", "matchCriteriaId": "BA32E7A9-896E-4D13-A56E-6E463179F464", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.0b.3:*:*:*:*:*:*:*", "matchCriteriaId": "F43DDD64-605C-4783-A22D-F6B2C1526C74", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.0b.4:*:*:*:*:*:*:*", "matchCriteriaId": "67484472-F2A7-4C78-A7DD-25A267E9BFD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE3806CA-EFF4-4DC1-827D-D720155231FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "2D74B084-02D3-4410-85BA-9C624A29BFC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "81F89FD3-5FF5-498A-8909-E31D62AB42B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "CB7F80BB-388F-41A7-BCD2-46EA20DC2E6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "F5CB2B7F-325F-489D-98DF-89D2173EF676", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "4C251761-00A7-4C37-A9DC-E34F4BC40208", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "76A7EE36-064D-4498-AC81-349CE832C03A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "0560EDE9-268B-45F0-A3F0-88781EA52A7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "38AD95A8-6074-43ED-806F-E1512A4ED2D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1b.1:*:*:*:*:*:*:*", "matchCriteriaId": "9398726E-FE63-4A0E-A86C-E5332DA9E1CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1b.2:*:*:*:*:*:*:*", "matchCriteriaId": "7D539B3E-7CE5-4823-93AE-47319B5DA191", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1b.3:*:*:*:*:*:*:*", "matchCriteriaId": "40858C6C-7053-4CF0-9054-E23EB77E19E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1b.4:*:*:*:*:*:*:*", "matchCriteriaId": "3B668EDE-876B-43B7-B345-C0617B4FBEC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sympa:sympa:6.1b.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB8B7497-7A1E-438B-820B-D24A9E2DA9CD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The archive management (arc_manage) page in wwsympa/wwsympa.fcgi.in in Sympa before 6.1.11 does not check permissions, which allows remote attackers to list, read, and delete arbitrary list archives via vectors related to the (1) do_arc_manage, (2) do_arc_download, or (3) do_arc_delete functions."}, {"lang": "es", "value": "La p\u00e1gina de gesti\u00f3n de archivos (arc_manage) en WWSympa/wwsympa.fcgi.in en Sympa antes del v6.1.11 no comprueba los permisos, lo que permite a atacantes remotos listar, leer y borrar archivos de lista de su elecci\u00f3n a trav\u00e9s de vectores relacionados con las funciones (a) do_arc_manage, (2) do_arc_download, o (3) do_arc_delete."}], "id": "CVE-2012-2352", "lastModified": "2024-11-21T01:38:56.070", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-05-31T17:55:04.887", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/49045"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/49237"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2012/dsa-2477"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/05/11/8"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/05/12/2"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/05/12/8"}, {"source": "secalert@redhat.com", "url": "http://www.osvdb.org/81890"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/53503"}, {"source": "secalert@redhat.com", "url": "https://sourcesup.renater.fr/scm/viewvc.php/branches/sympa-6.0-branch/wwsympa/wwsympa.fcgi.in?root=sympa&r1=6706&r2=7358&pathrev=7358"}, {"source": "secalert@redhat.com", "url": "https://www.sympa.org/distribution/latest-stable/NEWS"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/49045"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/49237"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2012/dsa-2477"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/05/11/8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/05/12/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/05/12/8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/81890"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/53503"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://sourcesup.renater.fr/scm/viewvc.php/branches/sympa-6.0-branch/wwsympa/wwsympa.fcgi.in?root=sympa&r1=6706&r2=7358&pathrev=7358"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.sympa.org/distribution/latest-stable/NEWS"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}