Full Disclosure mailing list archives
Mailman Mis/Default configuration
From: Sagar Belure <sagar.belure () gmail com>
Date: Thu, 15 Jul 2010 12:48:17 +0530
Hi, By default, while subscribing to a mailing list on a website, running Mailman (GNU) for mailing list management, the user has got options to manage his/her subscription options. There is an option of getting password reminder email for this list once in a month. And, by default, this option is set to Yes. Along with sending the password reminder mail in *plain text* to the users, it get's archived on the sites too. This seems that, the mailing list admins are not aware of the power of search engine bots. :-) POC: "mailing list memberships reminder" on google responds with 940,000 results. -- Thanks, Sagar Belure Security Analyst Secfence Technologies www.secfence.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Mailman Mis/Default configuration Sagar Belure (Jul 15)
- Re: Mailman Mis/Default configuration Valdis . Kletnieks (Jul 15)