2 matches found
CVE-2003-1367
The vulnerable software is Majordomo (2.0 through 1.94.4, possibly earlier). The which_access variable defaults to open, enabling remote attackers to enumerate mailing-list member addresses using the which command. The provided sources confirm the underlying issue but do not specify a vendor patc...
CVE-2003-1367
The whichaccess variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote attackers to identify the email addresses of members of mailing lists via a "which" command...