[Mailman-Users] report of break in
elicohen at informingscience.org
Mon Dec 27 19:21:07 CET 2004
I discovered this week a security breach that affected Mailman, after an
email was sent out, that started as follows:
From: Newsletter-bounces at israelupdate.info
[mailto:Newsletter-bounces at israelupdate.info]On
<mailto:Newsletter-bounces at israelupdate.info%5dOn> Behalf Of MADAM GLADYS
Sent: Monday, December 27, 2004 6:42 AM
To: Newsletter at israelupdate.info
Subject: [IAC Newsletter] URGENT ATTN
You are receiving this newsletter because you requested it. To Unsubscribe
or change your settings (vacation stop, plain text only, daily digest only,
...), please visit http://Update.IsraelUpdate.Info . <-- this is my header
My Dear ,
I am Mrs Gladys Ada from liberia. I am a widow being that I lost my husband
a couple of months ago. My husband was a serving director of the Cocoa
exporting boarduntil his death He was assassinated last january by the
rebels following the political uprising. Before his death he had a foreign
account here in Capital Point Financial Corporation in Emirates up to the
tune of ($34.5m) .
When viewing the page
mailman/admin/newsletter_israelupdate.info/privacy/sender, I discovered that
Mrs. Ada's name and email address added to non-members allowed to post.
Yes, I am using version 2.1.5.
I am using a shared host (on esc01.midphase.com). (I would copy this to
support @ midPhase, but they do not accept email contact.)
Thought you might want to know.
Dr. Eli Cohen
More information about the Mailman-Users