Am 02.04.2014 15:43, schrieb Nick Lindridge: > Apologies if this has been pointed out before, hard to imagine that it hasn't > really. When signing up for the list, > I was surprised that it emailed back my password in plain text. > > Can this security flaw be addressed? not without re-write mailmain 8X-Mailman-Version: 2.1.15) 9 out of 10 lists out there even mail the password once per month by stupidity while the real scary is that this is possible at all meaning stored in plaintext
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/