Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Gentoo: GLSA-200406-04 Normal: Mailman Password Disclosure Notice

gentoo
Calendar Grey June 9, 2004
Dist Gentoo Esm H88
Critical issue in Mailman for Gentoo: Access to user passwords compromised via security weakness. Urgent patch advised for protection.
Mailman contains a bug allowing 3rd parties to retrieve member passwords.

Summary

Gentoo Linux Security Advisory GLSA 200406-04 https://security.gentoo.org/ Severity: Normal Title: Mailman: Member password disclosure vulnerability Date: June 09, 2004 Bugs: #51671 ID: 200406-04

Synopsis ======= Mailman contains a bug allowing 3rd parties to retrieve member passwords.
Background ========= Mailman is a python-based mailing list server with an extensive web interface.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-mail/mailman < 2.1.5 >= 2.1.5
========== Mailman contains an unspecified vulnerability in the handling of request emails.
Impact ===== By sending a carefully crafted email request to the mailman server an attacker could ob...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory Gentoo vulnerability Mailman password disclosure normal severity member breach

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory Gentoo vulnerability Mailman password disclosure normal severity member breach

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here