Mailman 2.0.x Empty Password Authentication Bypass Vulnerability
CVE-2001-1132 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.
Learn more about our Web Application Penetration Testing UK.