[Mailman-Users] Mailman Password Completion Vulnerability

2009-11-05 Thread Barry Finkel
My Mailman 2.1.12 server was flagged with a low-risk vulnerability: 42057 Web Server Allows Password Auto-Completion and I cannot tell from the description what URLs have this vulnerability, nor do I know how to correct it. I know little about apache. One Google search at this URL

Re: [Mailman-Users] Mailman-Users Digest, Vol 69, Issue 6

2009-11-05 Thread Jan Steinman
(WARNING: top posting seems appropriate here...) But Stucki, Microsoft knows what's good for you! On 4 Nov 09, at 03:00, mailman-users-requ...@python.org wrote: From: Chr. von Stuckrad stu...@mi.fu-berlin.de Date: 3 November 2009 04:03:23 PST (CA) To: mailman-users@python.org Subject: Re:

Re: [Mailman-Users] Mailman Password Completion Vulnerability

2009-11-05 Thread Mark Sapiro
Barry Finkel wrote: Am I correct in assuming that in order to fix this, I would have to go to directory /etc/mailman/en and modify these HTML files that contain the string password: admlogin.htmlcontains FORM METHOD=POST ACTION=%(path)s listinfo.htmlcontains