Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The _list_file_get function in lib/Majordomo.pm in Majordomo 2 20110203 and earlier allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ./.../ sequence in the "extra" parameter to the help command, which causes the regular expression to produce .. (dot dot) sequences. NOTE: this vulnerability is due to an incomplete fix for CVE-2011-0049.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Majordomo 2 lib/Majordomo.pm _list_file_get函数路径遍历漏洞
Vulnerability Description
Majordomo是一个流行的用Perl实现的(majordomo.pl)处理邮件列表的软件。 Majordomo 2 20110203及之前版本的lib/Majordomo.pm中的_list_file_get函数中存在路径遍历漏洞。远程攻击者可以借助向help命令传递的"extra"参数中的./.../序列,进行目录遍历攻击并读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A