[VIM] CVE-2011-0049: majordomo directory traversal vulnerability

security curmudgeon jericho at attrition.org
Thu Feb 10 23:38:05 CST 2011

OSVDB 70762, CVE-2011-0049, Secunia 43125, BID 46127, ISS 65113

Tenable Network Security discovered that the patch included in 20110130 
was not sufficient to fully remediate this vulnerability. The patch 
applied to snapshot 20110204 appears to remediate the issue correctly. 
Please update your solutions to reflect this!

-------- Original Message --------

as you may be aware, there was a directory traversal vulnerability in
majordomo. PoC:


the VDBs all appear to be reporting build 20110130 as the fix, to include:


however, the patch included in 20110130 isn't sufficient. it can be 
circumvented with the following PoC:


it appears this issue was fixed with 20110204.

More information about the VIM mailing list