[Mailman-Users] Re: Critical security update for Mailman 2.1.5
aj at mindcrash.com
Fri Feb 11 02:39:31 CET 2005
How can we test that the patch is working? Is there a way to cause the log
message to be written to the mischief log? Just want to make sure the
working, any help would be great.
>> On Feb 10, 2005, at 8:17 AM, dave at umiacs.umd.edu wrote:
>>> Am I correct in assuming the attack only allows hackers to access (read)
>>> files? Yes, I understand that if they can read/get mailman passwords, they
>>> can obviously change lists but nothing more nefarious than that?
>> they can not only get the passwords, but your subscriber lists. that
>> is, I think, nefarious enough. it means you're one spambot away from
>> handing over all your users to the blackhats.
More information about the Mailman-Users