Debian LTS: Security Advisory for sympa (DLA-2441-1)

The remote host is missing an update for the 'sympa' package(s) announced via the DLA-2441-1 advisory.

A privilege escalation was discovered in Sympa, a modern mailing list manager. It is fixed when Sympa is used in conjunction with common MTAs (such as Exim or Postfix) by disabling a setuid executable, although no fix is currently available for all environments (such as sendmail). Additionally, an open-redirect vulnerability was discovered and fixed. CVE-2020-26880 Sympa allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable. CVE-2018-1000671 Sympa contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The 'referer' parameter of the wwsympa.fcgi login action. that can result in Open redirection and reflected XSS via data URIs.

'sympa' package(s) on Debian Linux.

Checks if a vulnerable package version is present on the target host.

For Debian 9 stretch, these problems have been fixed in version 6.2.16~dfsg-3+deb9u4. We recommend that you upgrade your sympa packages.