Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2011-0063
HistoryMar 15, 2011 - 5:55 p.m.

CVE-2011-0063

2011-03-1517:55:02
CWE-22
mitre
web.nvd.nist.gov
34
majordomo
directory traversal
cve-2011-0063
nvd
security vulnerability

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

9.1

Confidence

High

EPSS

0.881

Percentile

98.7%

JSON

The _list_file_get function in lib/Majordomo.pm in Majordomo 2 20110203 and earlier allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ./…/ sequence in the “extra” parameter to the help command, which causes the regular expression to produce … (dot dot) sequences. NOTE: this vulnerability is due to an incomplete fix for CVE-2011-0049.

Affected configurations

Nvd
Node
mj2majordomo_2Range20110203
OR
mj2majordomo_2Match20110101
OR
mj2majordomo_2Match20110102
OR
mj2majordomo_2Match20110103
OR
mj2majordomo_2Match20110104
OR
mj2majordomo_2Match20110105
OR
mj2majordomo_2Match20110106
OR
mj2majordomo_2Match20110107
OR
mj2majordomo_2Match20110108
OR
mj2majordomo_2Match20110109
OR
mj2majordomo_2Match20110110
OR
mj2majordomo_2Match20110111
OR
mj2majordomo_2Match20110112
OR
mj2majordomo_2Match20110113
OR
mj2majordomo_2Match20110114
OR
mj2majordomo_2Match20110115
OR
mj2majordomo_2Match20110116
OR
mj2majordomo_2Match20110117
OR
mj2majordomo_2Match20110118
OR
mj2majordomo_2Match20110119
OR
mj2majordomo_2Match20110120
OR
mj2majordomo_2Match20110121
OR
mj2majordomo_2Match20110122
OR
mj2majordomo_2Match20110123
OR
mj2majordomo_2Match20110124
OR
mj2majordomo_2Match20110125
OR
mj2majordomo_2Match20110126
OR
mj2majordomo_2Match20110127
OR
mj2majordomo_2Match20110128
OR
mj2majordomo_2Match20110129
OR
mj2majordomo_2Match20110130
OR
mj2majordomo_2Match20110131
OR
mj2majordomo_2Match20110201
OR
mj2majordomo_2Match20110202
VendorProductVersionCPE
mj2majordomo_2*cpe:2.3:a:mj2:majordomo_2:*:*:*:*:*:*:*:*
mj2majordomo_220110101cpe:2.3:a:mj2:majordomo_2:20110101:*:*:*:*:*:*:*
mj2majordomo_220110102cpe:2.3:a:mj2:majordomo_2:20110102:*:*:*:*:*:*:*
mj2majordomo_220110103cpe:2.3:a:mj2:majordomo_2:20110103:*:*:*:*:*:*:*
mj2majordomo_220110104cpe:2.3:a:mj2:majordomo_2:20110104:*:*:*:*:*:*:*
mj2majordomo_220110105cpe:2.3:a:mj2:majordomo_2:20110105:*:*:*:*:*:*:*
mj2majordomo_220110106cpe:2.3:a:mj2:majordomo_2:20110106:*:*:*:*:*:*:*
mj2majordomo_220110107cpe:2.3:a:mj2:majordomo_2:20110107:*:*:*:*:*:*:*
mj2majordomo_220110108cpe:2.3:a:mj2:majordomo_2:20110108:*:*:*:*:*:*:*
mj2majordomo_220110109cpe:2.3:a:mj2:majordomo_2:20110109:*:*:*:*:*:*:*
Rows per page:
1-10 of 341

Related

prion 2
openvas 1
nuclei 1
metasploit 1
nvd 2
nessus 1
cvelist 2
packetstorm 3
exploitdb 1
dsquare 1
d2 2
securityvulns 3
cve 1
seebug 1
cert 1
exploitpack 1
zdt 1
nmap 1
thn 1
prion
prion
Directory traversal
2011-03-15 17:55:00
Directory traversal
2011-02-04 01:00:00
openvas
openvas
Majordomo2 Directory Traversal Vulnerability
2011-02-07 00:00:00
nuclei
nuclei
Majordomo2 - SMTP/HTTP Directory Traversal
2021-04-18 10:16:06
metasploit
metasploit
Majordomo2 _list_file_get() Directory Traversal
2011-03-12 16:38:51
nvd
nvd
CVE-2011-0063
2011-03-15 17:55:02
CVE-2011-0049
2011-02-04 01:00:07
nessus
nessus
Majordomo 2 _list_file_get() Function Traversal Arbitrary File Access
2011-02-16 00:00:00
cvelist
cvelist
CVE-2011-0063
2011-03-15 17:00:00
CVE-2011-0049
2011-02-04 00:00:00
packetstorm
packetstorm
Majordomo2 _list_file_get() Directory Traversal
2024-09-01 00:00:00
Majordomo2 Directory Traversal
2011-03-08 00:00:00
Majordomo2 20110121 Directory Traversal
2011-02-02 00:00:00
exploitdb
exploitdb
Majordomo2 - 'SMTP/HTTP' Directory Traversal
2011-02-03 00:00:00
dsquare
dsquare
Majordomo 2 File Disclosure
2012-04-27 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_MAJORDOMO2
2011-03-15 17:55:00
DSquare Exploit Pack: D2SEC_MAJORDOMO
2011-02-04 01:00:00
securityvulns
securityvulns
NSOADV-2011-003: Majordomo2 'help' Command Directory Traversal (Patch Bypass)
2011-03-10 00:00:00
Majordomo2 directory traversal
2011-03-10 00:00:00
Majordomo2 - Directory Traversal (SMTP/HTTP)
2011-02-03 00:00:00
cve
cve
CVE-2011-0049
2011-02-04 01:00:07
seebug
seebug
Majordomo2 - Directory Traversal (SMTP/HTTP)
2014-07-01 00:00:00
cert
cert
Majordomo 2 _list_file_get() directory traversal vulnerability
2011-02-04 00:00:00
exploitpack
exploitpack
Majordomo2 - SMTPHTTP Directory Traversal
2011-02-03 00:00:00
zdt
zdt
Majordomo2 - Directory Traversal (SMTP/HTTP)
2011-02-03 00:00:00
nmap
nmap
http-majordomo2-dir-traversal NSE Script
2011-06-27 20:22:25
thn
thn
Nmap 5.59 BETA1 - 40 new NSE scripts & improved IPv6
2011-07-01 11:41:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

9.1

Confidence

High

EPSS

0.881

Percentile

98.7%

JSON
Related for CVE-2011-0063
prion2openvas1nuclei1metasploit1nvd2nessus1cvelist2packetstorm3exploitdb1dsquare1d22securityvulns3cve1seebug1cert1exploitpack1zdt1nmap1thn1