FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mailman -- password disclosure

Affected packages
ja-mailman < 2.1.5
mailman < 2.1.5


VuXML ID ad9d2518-3471-4737-b60b-9a1f51023b28
Discovery 2004-05-15
Entry 2005-06-01

Barry Warsaw reports:

Today I am releasing Mailman 2.1.5, a bug fix release [...] This version also contains a fix for an exploit that could allow 3rd parties to retrieve member passwords. It is thus highly recommended that all existing sites upgrade to the latest version.


CVE Name CVE-2004-0412