[Mailman-Users] Are there any known exploits in 2.1.5 re request email address and spamming?
Martin J. Evans
martin.evans at easysoft.com
Fri Sep 19 21:33:10 CEST 2008
I've inherited a 2.1.5 mailman. In the last few days we've been
blacklisted by a number of major sites. On further investigation it
looks like our mailman has been compromised in some way. Emails to the
request address are somehow being used to send spam. There are literally
thousands of them. I've stopped the list for now. Obviously 2.1.5 is way
out of date but I've looked at the changes since then and cannot see
something which looks like this issue although a search for mailman
request exploit brings up a number of entries which are not very
detailed. Does anyone know of an exploit in 2.1.5 which allows spam to
be sent via mailman in 2.1.5?
Thanks
Martin
More information about the Mailman-Users
mailing list