From CVE: Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial of service via a message that causes the server to "fail with an Overflow on bad date data in a processed message," a different vulnerability than CVE-2005-3573. This bug report has more details including a patch: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326024 Seems to have been public since 20050901 but the bug report doesn't mention in Debian submitted this upstream. Affects: RHEL4, RHEL3
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0204.html