Public CVE-2004-0228 disclosure

Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.