RSS   Vulnerabilities for 'Majordomo'   RSS

2003-12-31
 
CVE-2003-1367

 

 
The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote attackers to identify the email addresses of members of mailing lists via a "which" command.

 
1999-12-28
 
CVE-2000-0037

 

 
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.

 
 
CVE-2000-0035

 

 
resend command in Majordomo allows local users to gain privileges via shell metacharacters.

 
1997-08-24
 
CVE-1999-1220

CWE-Other
 

 
Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header.

 
1994-06-09
 
CVE-1999-0207

 

 
Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command.

 

 >>> Vendor: Great circle associates 2 Products
Majordomo
Majorcool


Copyright 2024, cxsecurity.com

 

Back to Top