[Mailman-Users] Mailman Security.
kmastin at beechtree.ca
Fri Feb 7 00:30:22 CET 2003
>On Wed, 5 Feb 2003 13:47:48 +0000
>Adam <lists at monkeez.co.uk> wrote:
>> On Wed, 5 Feb 2003 11:44:10 -0000
>> "dino" <dinouk at orange.net> wrote:
>> > Actually he did it this way:
>> > Noticed that mydomain/mailman was browsable.
>> > Telneted to port 80 and sent a get request from there...ouch.
>> > Sorting that now
>> > Dino
>The fact that telnet is open pretty much says everything about this
>sysadmin's approach to security.
IIRC, he didn't say telnetd was open, just that a friend telnetted into
the mailman directory via port 80(httpd) and got more than he bargained
OP: rpm -e telnetd
More information about the Mailman-Users