Jakub Klausa

**Name of the Vulnerable Software and Affected Versions** Majordomo versions 1.94.4 and earlier **Description** The issue allows remote attackers to identify the email addresses of members of mailing lists via a "which" command, due to the `which access` variable being set to "open" by default. **Recommendations** For Majordomo versions 1.94.4 and earlier, consider changing the `which access` variable from "open" to a more restrictive setting to prevent remote attackers from identifying email addresses of mailing list members.