CVE-2006-0052

Publication date 31 March 2006

Last updated 17 July 2025

Ubuntu priority

The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary and the end boundary.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
mailman	7.04 feisty	Not affected
	6.10 edgy	Fixed 2.1.8-2ubuntu2
	6.06 LTS dapper	Fixed 2.1.5-9ubuntu4.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-267-1
mailman vulnerability
4 April 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2006-0052