The which_access variable for Majordomo 2.0 up to and including 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote malicious users to identify the email addresses of members of mailing lists via a "which" command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
great circle associates majordomo 1.94.4 |
||
great circle associates majordomo 1.94.5 |
||
great circle associates majordomo |