[Mailman-Developers] [ mailman-Bugs-655079 ] Major security hole.....
noreply at sourceforge.net
noreply at sourceforge.net
Tue Dec 17 00:13:49 EST 2002
Bugs item #655079, was opened at 2002-12-17 09:13
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100103&aid=655079&group_id=103
Category: security/privacy
Group: 2.0.x
Status: Open
Resolution: None
Priority: 5
Submitted By: Nicolas Weeger (ryo_saeba)
Assigned to: Nobody/Anonymous (nobody)
Summary: Major security hole.....
Initial Comment:
Just found a nice security bug:
on the main list page, you have 2 fields to enter admin
mail & password to view list subscriptions.
Well, you can just enter a valid admin password, and it'll
work !!! Even if the mail address is blank / invalid !!
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100103&aid=655079&group_id=103
More information about the Mailman-Developers
mailing list