Mailman vulnerability - Full Disclosure Mailinglist compromised

John Cartwright has announced that the mailing list Full Disclosure has been compromised using a previously unpublished directory traversal vulnerability in Mailman 2.1.5. A fix is already available. All subscribers are advised to change their passwords as soon as possible.