FreeBSD : mailman -- password disclosure (ad9d2518-3471-4737-b60b-9a1f51023b28)
Medium Nessus Plugin ID 19079
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionBarry Warsaw reports :
Today I am releasing Mailman 2.1.5, a bug fix release [...] This version also contains a fix for an exploit that could allow 3rd parties to retrieve member passwords. It is thus highly recommended that all existing sites upgrade to the latest version.
SolutionUpdate the affected packages.