FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mailman -- password disclosure

Affected packages
ja-mailman < 2.1.5
mailman < 2.1.5

Details

VuXML ID ad9d2518-3471-4737-b60b-9a1f51023b28
Discovery 2004-05-15
Entry 2005-06-01

Barry Warsaw reports:

Today I am releasing Mailman 2.1.5, a bug fix release [...] This version also contains a fix for an exploit that could allow 3rd parties to retrieve member passwords. It is thus highly recommended that all existing sites upgrade to the latest version.

[source]

References

CVE Name CVE-2004-0412
Message http://mail.python.org/pipermail/mailman-announce/2004-May/000072.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.