
en - [en@sympa] SQL injection

Subject: The mailing list for listmasters using Sympa

  • From: Roy Sigurd Karlsbakk <address@concealed>
  • To: "address@concealed" <address@concealed>
  • Subject: [en@sympa] SQL injection
  • Date: Mon, 7 Oct 2024 20:52:28 +0200

It seems there's an SQL injection bug for Sympa 6.2.70 (from Debian). I can't find any docs on this. Is this known?

This was found by Nessus on one of our regular scans, and indeed it managed to insert data into the db without having logged in to the system.

I have more data if that is necessary. I'll just check with my colleagues if the report is suitable to be sent in the open.

roy
--
Roy Sigurd Karlsbakk
address@concealed
+47 9801 3356
--
In all pedagogy it is essential that the curriculum is presented intelligibly. It is an elementary imperative for all pedagogues to avoid excessive use of idioms of xenotypic etymology. In most cases adequate and relevant synonyms exist in Norwegian.



