Great Circle Associates
Products
5- 7 CVEs
- 1 CVE
- 1 CVE
- 0 CVEs
- 0 CVEs
Recent CVEs
9| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-40918 | Med | 0.35 | 6.5 | 0.00 | Jul 16, 2025 | Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch… | ||
| CVE-2011-0049 | 0.11 | — | 0.95 | Feb 4, 2011 | Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the help command, as demonstrated using (1) a crafted email and (2) cgi-bin/mj_wwwusr… | |||
| CVE-2011-0063 | 0.10 | — | 0.85 | Mar 15, 2011 | The _list_file_get function in lib/Majordomo.pm in Majordomo 2 20110203 and earlier allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ./.../ sequence in the "extra" parameter to the help command, which causes the regular expression to… | |||
| CVE-1999-0207 | 0.04 | — | 0.09 | Jun 9, 1994 | Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command. | |||
| CVE-2000-0035 | 0.03 | — | 0.01 | Dec 28, 1999 | resend command in Majordomo allows local users to gain privileges via shell metacharacters. | |||
| CVE-2000-0037 | 0.03 | — | 0.01 | Dec 28, 1999 | Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file. | |||
| CVE-2003-1367 | 0.00 | — | 0.02 | Dec 31, 2003 | The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote attackers to identify the email addresses of members of mailing lists via a "which" command. | |||
| CVE-1999-1220 | 0.00 | — | 0.02 | Aug 24, 1997 | Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header. | |||
| CVE-1999-0957 | 0.00 | — | 0.00 | Jun 18, 1997 | MajorCool mj_key_cache program allows local users to modify files via a symlink attack. |
- risk 0.35cvss 6.5epss 0.00
Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch…
- CVE-2011-0049Feb 4, 2011risk 0.11cvss —epss 0.95
Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the help command, as demonstrated using (1) a crafted email and (2) cgi-bin/mj_wwwusr…
- CVE-2011-0063Mar 15, 2011risk 0.10cvss —epss 0.85
The _list_file_get function in lib/Majordomo.pm in Majordomo 2 20110203 and earlier allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ./.../ sequence in the "extra" parameter to the help command, which causes the regular expression to…
- CVE-1999-0207Jun 9, 1994risk 0.04cvss —epss 0.09
Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command.
- CVE-2000-0035Dec 28, 1999risk 0.03cvss —epss 0.01
resend command in Majordomo allows local users to gain privileges via shell metacharacters.
- CVE-2000-0037Dec 28, 1999risk 0.03cvss —epss 0.01
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
- CVE-2003-1367Dec 31, 2003risk 0.00cvss —epss 0.02
The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote attackers to identify the email addresses of members of mailing lists via a "which" command.
- CVE-1999-1220Aug 24, 1997risk 0.00cvss —epss 0.02
Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header.
- CVE-1999-0957Jun 18, 1997risk 0.00cvss —epss 0.00
MajorCool mj_key_cache program allows local users to modify files via a symlink attack.