Red Hat Bugzilla – Bug 123559
CAN-2004-0412 Mailman password retrievall
Last modified: 2007-11-30 17:10:42 EST
A flaw in Mailman 2.1.* allows a remote attacker to retrieve the
mailman password of any subscriber by sending a carefully crafted
email request to the mailman server.
A simple patch is available and is fixed upstream in Mailman 2.1.5.
CAN-2004-0412 Affects: FC1
CAN-2004-0412 Affects: FC2