Vulnerabilities (CVE)

Filtered by vendor Great Circle Associates Subscribe
Filtered by product Majordomo
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-1367 1 Great Circle Associates 1 Majordomo 2024-11-20 7.8 HIGH N/A
The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote attackers to identify the email addresses of members of mailing lists via a "which" command.
CVE-2000-0037 1 Great Circle Associates 1 Majordomo 2024-11-20 4.6 MEDIUM N/A
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
CVE-2000-0035 1 Great Circle Associates 1 Majordomo 2024-11-20 4.6 MEDIUM N/A
resend command in Majordomo allows local users to gain privileges via shell metacharacters.
CVE-1999-1220 1 Great Circle Associates 1 Majordomo 2024-11-20 7.5 HIGH N/A
Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header.
CVE-1999-0207 1 Great Circle Associates 1 Majordomo 2024-11-20 7.5 HIGH N/A
Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command.