Full Disclosure mailing list archives
Re: Security flaw in Full Disclosure mailing list
From: Reindl Harald <h.reindl () thelounge net>
Date: Wed, 02 Apr 2014 20:36:07 +0200
Am 02.04.2014 15:43, schrieb Nick Lindridge:
Apologies if this has been pointed out before, hard to imagine that it hasn't really. When signing up for the list, I was surprised that it emailed back my password in plain text. Can this security flaw be addressed?
not without re-write mailmain 8X-Mailman-Version: 2.1.15) 9 out of 10 lists out there even mail the password once per month by stupidity while the real scary is that this is possible at all meaning stored in plaintext
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Security flaw in Full Disclosure mailing list Nick Lindridge (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Ron (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Fyodor (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Reindl Harald (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Eric G (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Jimmy Crossley (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Fyodor (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Jim Popovitch (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Ron (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Jim Popovitch (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Jeffrey Walton (Apr 02)
- Re: Security flaw in Full Disclosure mailing list George Chatzisofroniou (Apr 03)
- Re: Security flaw in Full Disclosure mailing list Fyodor (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Michal Zalewski (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Brandon Perry (Apr 02)