What is the severity of CVE-2004-1143?

CVE-2004-1143 is considered a high severity vulnerability due to the potential for remote attackers to guess passwords via a brute force attack.

How do I fix CVE-2004-1143?

Upgrading Mailman to version 2.1.5 or later patches the vulnerability related to password generation.

What versions of Mailman are affected by CVE-2004-1143?

CVE-2004-1143 affects Mailman versions 1.0 through 2.1.4.

What impact does CVE-2004-1143 have on password security?

CVE-2004-1143 reduces password security, allowing attackers to potentially brute force passwords due to a limited set of unique passwords.

Is there a known exploit for CVE-2004-1143?

Yes, CVE-2004-1143 can be exploited by attackers who utilize brute force techniques to guess passwords.

Vulnerability/
CVE-2004-1143

high

7.5

CWE

NVD-CWE-Other

31/12/2004

19/1/2005

8/8/2024

CVE-2004-1143

First published: Fri Dec 31 2004(Updated: )

The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
cPanel GNU Mailman	=2.0.5
cPanel GNU Mailman	=2.0.1
cPanel GNU Mailman	=2.1.3
cPanel GNU Mailman	=2.0.11
cPanel GNU Mailman	=2.0.6
cPanel GNU Mailman	=2.0-beta3
cPanel GNU Mailman	=1.1
cPanel GNU Mailman	=2.0-beta5
cPanel GNU Mailman	=2.0.12
cPanel GNU Mailman	=2.0
cPanel GNU Mailman	=2.0-beta4
cPanel GNU Mailman	=2.1.2
cPanel GNU Mailman	=2.0.9
cPanel GNU Mailman	=2.0.3
cPanel GNU Mailman	=2.0.13
cPanel GNU Mailman	=2.0.4
cPanel GNU Mailman	=2.1
cPanel GNU Mailman	=2.1b1
cPanel GNU Mailman	=2.1.1
cPanel GNU Mailman	=1.0
cPanel GNU Mailman	=2.0.8
cPanel GNU Mailman	=2.1.4
cPanel GNU Mailman	=2.0.10
cPanel GNU Mailman	=2.0.2
cPanel GNU Mailman	=2.0.7

Remedy

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286796

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-1143?
CVE-2004-1143 is considered a high severity vulnerability due to the potential for remote attackers to guess passwords via a brute force attack.
How do I fix CVE-2004-1143?
Upgrading Mailman to version 2.1.5 or later patches the vulnerability related to password generation.
What versions of Mailman are affected by CVE-2004-1143?
CVE-2004-1143 affects Mailman versions 1.0 through 2.1.4.
What impact does CVE-2004-1143 have on password security?
CVE-2004-1143 reduces password security, allowing attackers to potentially brute force passwords due to a limited set of unique passwords.
Is there a known exploit for CVE-2004-1143?
Yes, CVE-2004-1143 can be exploited by attackers who utilize brute force techniques to guess passwords.

agent/type
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/references
agent/weakness
agent/author
agent/last-modified-date
agent/remedy
agent/severity
agent/description
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-historical
vendor/gnu
product/mailman
canonical/gnu mailman
agent/software-canonical-lookup-request
collector/nvd-index
canonical/cpanel gnu mailman
version/cpanel gnu mailman/2.0.5
version/cpanel gnu mailman/2.0.1
version/cpanel gnu mailman/2.1.3
version/cpanel gnu mailman/2.0.11
version/cpanel gnu mailman/2.0.6
version/cpanel gnu mailman/2.0-beta3
version/cpanel gnu mailman/1.1
version/cpanel gnu mailman/2.0-beta5
version/cpanel gnu mailman/2.0.12
version/cpanel gnu mailman/2.0
version/cpanel gnu mailman/2.0-beta4
version/cpanel gnu mailman/2.1.2
version/cpanel gnu mailman/2.0.9
version/cpanel gnu mailman/2.0.3
version/cpanel gnu mailman/2.0.13
version/cpanel gnu mailman/2.0.4
version/cpanel gnu mailman/2.1
version/cpanel gnu mailman/2.1b1
version/cpanel gnu mailman/2.1.1
version/cpanel gnu mailman/1.0
version/cpanel gnu mailman/2.0.8
version/cpanel gnu mailman/2.1.4
version/cpanel gnu mailman/2.0.10
version/cpanel gnu mailman/2.0.2
version/cpanel gnu mailman/2.0.7