CVE-2011-0049
Description
Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the help command, as demonstrated using (1) a crafted email and (2) cgi-bin/mj_wwwusr in the web interface.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
Majordomo2 - 'SMTP/HTTP' Directory Traversal
Metasploit modules
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| mj2 | majordomo_2 | {"endIncluding":"20110130"} | |
| mj2 | majordomo_2 | 20110101 | |
| mj2 | majordomo_2 | 20110102 | |
| mj2 | majordomo_2 | 20110103 | |
| mj2 | majordomo_2 | 20110104 | |
| mj2 | majordomo_2 | 20110105 | |
| mj2 | majordomo_2 | 20110106 | |
| mj2 | majordomo_2 | 20110107 | |
| mj2 | majordomo_2 | 20110108 | |
| mj2 | majordomo_2 | 20110109 | |
| mj2 | majordomo_2 | 20110110 | |
| mj2 | majordomo_2 | 20110111 | |
| mj2 | majordomo_2 | 20110112 | |
| mj2 | majordomo_2 | 20110113 | |
| mj2 | majordomo_2 | 20110114 | |
| mj2 | majordomo_2 | 20110115 | |
| mj2 | majordomo_2 | 20110116 | |
| mj2 | majordomo_2 | 20110117 | |
| mj2 | majordomo_2 | 20110118 | |
| mj2 | majordomo_2 | 20110119 | |
| mj2 | majordomo_2 | 20110120 | |
| mj2 | majordomo_2 | 20110121 | |
| mj2 | majordomo_2 | 20110122 | |
| mj2 | majordomo_2 | 20110123 | |
| mj2 | majordomo_2 | 20110124 | |
| mj2 | majordomo_2 | 20110125 | |
| mj2 | majordomo_2 | 20110126 | |
| mj2 | majordomo_2 | 20110127 | |
| mj2 | majordomo_2 | 20110128 | |
| mj2 | majordomo_2 | 20110129 | |
References
- http://osvdb.org/70762
- http://secunia.com/advisories/43125
- http://securityreason.com/securityalert/8061
- http://www.exploit-db.com/exploits/16103
- http://www.kb.cert.org/vuls/id/363726
- http://www.securityfocus.com/archive/1/516150/100/0/threaded
- http://www.securityfocus.com/bid/46127
- http://www.securitytracker.com/id?1025024
- http://www.vupen.com/english/advisories/2011/0288
- https://bug628064.bugzilla.mozilla.org/attachment.cgi?id=506481
- https://bugzilla.mozilla.org/show_bug.cgi?id=628064
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65113
- https://sitewat.ch/en/Advisory/View/1
- http://osvdb.org/70762
- http://secunia.com/advisories/43125
- http://securityreason.com/securityalert/8061
- http://www.exploit-db.com/exploits/16103
- http://www.kb.cert.org/vuls/id/363726
- http://www.securityfocus.com/archive/1/516150/100/0/threaded
- http://www.securityfocus.com/bid/46127
- http://www.securitytracker.com/id?1025024
- http://www.vupen.com/english/advisories/2011/0288
- https://bug628064.bugzilla.mozilla.org/attachment.cgi?id=506481
- https://bugzilla.mozilla.org/show_bug.cgi?id=628064
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65113
CWEs
CWE-22
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.