[TAG] Mailman vulnerability.
Brian Bilbrey
bilbrey at orbdesigns.com
Thu Feb 10 03:36:55 MSK 2005
I don't know much about the software load on the box (boxes?) that serve
the various Gang lists, but a mailman directory traversal vulnerability
got outed on Full Disclosure earlier today. There was some hooraw on the
mailman user list, but water under the bridge.
Here's the pertinent URL that has patch code for
~mailman/Mailman/Cgi/private.py
http://mail.python.org/pipermail/mailman-users/2005-February/042533.html
Pass the word.
.brian
--
Brian Bilbrey : http://www.orbdesigns.com/
"A mouse is a device used to point at the xterm you want to type in"
- A.S.R.
More information about the TAG
mailing list