Red Hat Security Advisory 2015-1417-01 - Mailman is a program used to help manage e-mail discussion lists. It was found that mailman did not sanitize the list name before passing it to certain MTAs. A local attacker could use this flaw to execute arbitrary code as the user running mailman. It was found that mailman stored private email messages in a world-readable directory. A local user could use this flaw to read private mailing list archives. Continue reading...
