Lucene search

[email protected]NVD:CVE-2011-0049

HistoryFeb 04, 2011 - 1:00 a.m.

CVE-2011-0049

2011-02-0401:00:07

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.881

Percentile

98.7%

JSON

Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via … (dot dot) sequences in the help command, as demonstrated using (1) a crafted email and (2) cgi-bin/mj_wwwusr in the web interface.

Affected configurations

Nvd

Node

mj2majordomo_2Range≤20110130

mj2majordomo_2Match20110101

mj2majordomo_2Match20110102

mj2majordomo_2Match20110103

mj2majordomo_2Match20110104

mj2majordomo_2Match20110105

mj2majordomo_2Match20110106

mj2majordomo_2Match20110107

mj2majordomo_2Match20110108

mj2majordomo_2Match20110109

mj2majordomo_2Match20110110

mj2majordomo_2Match20110111

mj2majordomo_2Match20110112

mj2majordomo_2Match20110113

mj2majordomo_2Match20110114

mj2majordomo_2Match20110115

mj2majordomo_2Match20110116

mj2majordomo_2Match20110117

mj2majordomo_2Match20110118

mj2majordomo_2Match20110119

mj2majordomo_2Match20110120

mj2majordomo_2Match20110121

mj2majordomo_2Match20110122

mj2majordomo_2Match20110123

mj2majordomo_2Match20110124

mj2majordomo_2Match20110125

mj2majordomo_2Match20110126

mj2majordomo_2Match20110127

mj2majordomo_2Match20110128

mj2majordomo_2Match20110129

VendorProductVersionCPE
mj2majordomo_2*cpe:2.3:a:mj2:majordomo_2:*:*:*:*:*:*:*:*
mj2majordomo_220110101cpe:2.3:a:mj2:majordomo_2:20110101:*:*:*:*:*:*:*
mj2majordomo_220110102cpe:2.3:a:mj2:majordomo_2:20110102:*:*:*:*:*:*:*
mj2majordomo_220110103cpe:2.3:a:mj2:majordomo_2:20110103:*:*:*:*:*:*:*
mj2majordomo_220110104cpe:2.3:a:mj2:majordomo_2:20110104:*:*:*:*:*:*:*
mj2majordomo_220110105cpe:2.3:a:mj2:majordomo_2:20110105:*:*:*:*:*:*:*
mj2majordomo_220110106cpe:2.3:a:mj2:majordomo_2:20110106:*:*:*:*:*:*:*
mj2majordomo_220110107cpe:2.3:a:mj2:majordomo_2:20110107:*:*:*:*:*:*:*
mj2majordomo_220110108cpe:2.3:a:mj2:majordomo_2:20110108:*:*:*:*:*:*:*
mj2majordomo_220110109cpe:2.3:a:mj2:majordomo_2:20110109:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mj2	majordomo_2	*	cpe:2.3:a:mj2:majordomo_2::::::::
mj2	majordomo_2	20110101	cpe:2.3:a:mj2:majordomo_2:20110101:::::::*
mj2	majordomo_2	20110102	cpe:2.3:a:mj2:majordomo_2:20110102:::::::*
mj2	majordomo_2	20110103	cpe:2.3:a:mj2:majordomo_2:20110103:::::::*
mj2	majordomo_2	20110104	cpe:2.3:a:mj2:majordomo_2:20110104:::::::*
mj2	majordomo_2	20110105	cpe:2.3:a:mj2:majordomo_2:20110105:::::::*
mj2	majordomo_2	20110106	cpe:2.3:a:mj2:majordomo_2:20110106:::::::*
mj2	majordomo_2	20110107	cpe:2.3:a:mj2:majordomo_2:20110107:::::::*
mj2	majordomo_2	20110108	cpe:2.3:a:mj2:majordomo_2:20110108:::::::*
mj2	majordomo_2	20110109	cpe:2.3:a:mj2:majordomo_2:20110109:::::::*