OpenBSD VuXML: Documenting security issues in the OpenBSD Ports & Packages Collection

mailman -- member password disclosure vulnerability

Affected packages
mailman < 2.1.5
mailman-postfix < 2.1.5

Details

VuXML ID a917147c-cd02-11d8-bfb3-00304f19272c
Discovery 2004-05-15
Entry 2004-05-31

Mailman contains an unspecified vulnerability in the handling of request emails. By sending a carefully crafted email request to the mailman server an attacker could obtain member passwords.

References

CVE Name CAN-2004-0412
URL http://mail.python.org/pipermail/mailman-announce/2004-May/000072.html

Copyright © 2003-2005 Jacques Vidrine, Robert Nagy, and contributors.
Please see the source of this document for full copyright information.