My Mailman 2.1.12 server was flagged with a low-risk vulnerability:
42057 Web Server Allows Password Auto-Completion
and I cannot tell from the description what URLs have this
vulnerability, nor do I know how to correct it. I know little
about apache. One Google search at this URL
(WARNING: top posting seems appropriate here...)
But Stucki, Microsoft knows what's good for you!
On 4 Nov 09, at 03:00, mailman-users-requ...@python.org wrote:
From: Chr. von Stuckrad stu...@mi.fu-berlin.de
Date: 3 November 2009 04:03:23 PST (CA)
To: mailman-users@python.org
Subject: Re:
Barry Finkel wrote:
Am I correct in assuming that in order to fix this, I would have to
go to directory
/etc/mailman/en
and modify these HTML files that contain the string password:
admlogin.htmlcontains FORM METHOD=POST ACTION=%(path)s
listinfo.htmlcontains