Vulnerabilities > CVE-1999-1220 - Unspecified vulnerability in Great Circle Associates Majordomo

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

great-circle-associates

NVD

Published: 1997-08-24

Updated: 2017-12-19

Summary

Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header.

Vulnerable Configurations

Part	Description	Count
Application	Great_Circle_Associates Great Circle Associates Majordomo *	1

References

http://www.securityfocus.com/archive/1/7527
https://exchange.xforce.ibmcloud.com/vulnerabilities/502