[Mailman-Users] any info on this reported exploit?

Brad Knowles brad at stop.mail-abuse.org
Thu Jan 26 21:07:49 CET 2006


At 1:05 PM -0500 2006-01-26, Diana Orrick wrote:

>  http://www.securityfocus.com/bid/16248/discuss
>
>  GNU Mailman Large Date Data Denial Of Service Vulnerability
>
>  GNU Mailman is prone to a denial of service attack. This issue affects the
>  email date parsing functionality of Mailman.
>
>  The vulnerability could be triggered by mailing list posts and will impact
>  the availability of mailing lists hosted by the application.

	All security-related questions should be handled in accordance 
with FAQ 1.27, see 
<http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp>.

-- 
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

  LOPSA member since December 2005.  See <http://www.lopsa.org/>.



More information about the Mailman-Users mailing list