What is CVE-2011-0049?

CVE-2011-0049 is a vulnerability in Mj2 Majordomo_2, classified under Path Traversal. Published 2011-02-04.

Is CVE-2011-0049 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Mj2 Majordomo_2

CVE-2011-0049

Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the help command, as demonstrated using (1) a…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.906 (99.6th percentile) — read the EPSS interpretation.

Affected products

Mj2 Majordomo_2 — versions 20110101, 20110102, 20110103
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

References

ADV-2011-0288 (vdb-entry, x_refsource_VUPEN)
VU#363726 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
46127 (Exploit, vdb-entry, x_refsource_BID)
cve@mitre.org (URL Repurposed, Exploit, x_refsource_MISC)
cve@mitre.org (Exploit, Patch, x_refsource_MISC)
43125 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
majordomo-listfile-directory-traversal(65113) (vdb-entry, x_refsource_XF)
1025024 (vdb-entry, x_refsource_SECTRACK)
20110203 Majordomo2 - Directory Traversal (SMTP/HTTP) (mailing-list, x_refsource_BUGTRAQ)
16103 (exploit, x_refsource_EXPLOIT-DB)

Frequently asked questions

What is CVE-2011-0049?: CVE-2011-0049 is a vulnerability in Mj2 Majordomo_2, classified under Path Traversal. Published 2011-02-04.
Is CVE-2011-0049 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.