Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
Reference: https://mail.python.org/pipermail/mailman-announce/2004-May/000072.html
No RHEL Version is affected, as we have not shipped with 2.1.5 in quite some time.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2004-0412