[Mailman-Users] Re: Critical security update for Mailman 2.1.5
AJ
aj at mindcrash.com
Fri Feb 11 02:39:31 CET 2005
How can we test that the patch is working? Is there a way to cause the log
message to be written to the mischief log? Just want to make sure the
patch is
working, any help would be great.
Thanks.
>>
>> On Feb 10, 2005, at 8:17 AM, dave at umiacs.umd.edu wrote:
>>
>>> Am I correct in assuming the attack only allows hackers to access (read)
>>> files? Yes, I understand that if they can read/get mailman passwords, they
>>> can obviously change lists but nothing more nefarious than that?
>>
>> they can not only get the passwords, but your subscriber lists. that
>> is, I think, nefarious enough. it means you're one spambot away from
>> handing over all your users to the blackhats.
>>
>
>
>
>
More information about the Mailman-Users
mailing list