6 matches found
CVE-2011-0063
The listfileget function in lib/Majordomo.pm in Majordomo 2 20110203 and earlier allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ./.../ sequence in the "extra" parameter to the help command, which causes the regular expression to produce .. dot dot...
DSquare Exploit Pack: D2SEC_MAJORDOMO2
Name| d2secmajordomo2 ---|--- CVE| CVE-2011-0063 Exploit Pack| D2ExploitPack Description| d2secmajordomo2 Notes|...
CVE-2011-0063
Majordomo 2 contains a directory-traversal flaw in the _list_file_get() helper (help command). Affected versions are Majordomo 2 prior to 20110131; input in the extra parameter can produce dot-dot sequences to read arbitrary files. This is linked to an earlier incomplete fix for CVE-2011-0049. Pu...
NSOADV-2011-003: Majordomo2 'help' Command Directory Traversal (Patch Bypass)
-------------------------- NSOADV-2011-003 --------------------------- Majordomo2 'help' Command Directory Traversal Patch Bypass 111101111 11111 00110 00110001111 111111 01 01 1 11111011111111 11111 0 11 01 0 11 1 1 111011001 11111111101 1 11 0110111 1 1111101111 1001 0 1 10 11 0 10 11 1111111 1...
Majordomo2 Directory Traversal
-------------------------- NSOADV-2011-003 --------------------------- Majordomo2 'help' Command Directory Traversal Patch Bypass 111101111 11111 00110 00110001111 111111 01 01 1 11111011111111 11111 0 11 01 0 11 1 1 111011001 11111111101 1 11 0110111 1 1111101111 1001 0 1 10 11 0 10 11 1111111 1...
CVE-2011-0063
creationtimestamp| type| source ---|---|--- 2011-02-03 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16103 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/majordomo2directorytraversal.rb 2025-02-06...