Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2011-0049

CVE information

Published

13 years ago

Last Modified

1 month ago

CVSSv2.0 Severity

Medium

Impact Analysis

Description

Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the help command, as demonstrated using (1) a crafted email and (2) cgi-bin/mj_wwwusr in the web interface..

CVSSv2.0 Score

Severity
Medium
Base Score
5/10
Exploit Score
10/10
Access Vector
Network
Access Complexity
Low
Authentication Required
None
Impact Score
2.9/10
Confidentiality Impact
Partial
Availability Impact
None
Integrity Impact
None

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:mj2:majordomo_2:20110128:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110113:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:*:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110124:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110108:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110127:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110125:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110117:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110101:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110116:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110109:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110115:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110114:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110123:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110112:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110103:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110118:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110121:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110104:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110129:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110111:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110126:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110102:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110105:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110119:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110122:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110120:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110106:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110107:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:mj2:majordomo_2:20110110:*:*:*:*:*:*:*
  Yes
- -