CVE-2015-2775

Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.

Date published : 2015-04-13

http://www.securityfocus.com/bid/73922

https://bugs.launchpad.net/mailman/+bug/1437145