CVE-2000-0037
published 1999-12-28CVE-2000-0037: Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
PriorityP416medium4.6CVSS 2.0
AVLACLAuNCPIPAP
EXPLOIT
EPSS
0.68%
47.7th percentile
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| great_circle_associates | majordomo | — | — |
| great_circle_associates | majordomo | — | — |
CVSS provenance
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat4.6MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·1999-12-28·CVSS 4.6
CVE-2000-0037 [MEDIUM] security flaw
security flaw
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
Statement: This issue was fixed in the following product:
- Red Hat Powertools 6.1 - RHSA-2000:005 (2000-01-21)
GHSA
GHSA-58v6-mw8v-65hc: Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file
ghsa_unreviewed·2022-04-30
CVE-2000-0037 [MEDIUM] GHSA-58v6-mw8v-65hc: Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
No detection rules found.
Exploit-DB
Majordomo 1.94.4/1.94.5 - Local -C Parameter (2)
exploitdb·1999-12-29
CVE-2000-0037 Majordomo 1.94.4/1.94.5 - Local -C Parameter (2)
Majordomo 1.94.4/1.94.5 - Local -C Parameter (2)
---
// source: https://www.securityfocus.com/bid/903/info
It is possible for a local user to gain majordomo privileges through a vulnerability which allows privileged arbitrary commands to be executed. If the -C parameter is passed to majordomo (or one of several other scripts) when run with the setuid root wrapper, the argument to -C will be executed with majordomo privileges.
This occurs on several scripts: archive2.pl, bounce-remind, config-test, digest, majordomo, request-answer and resend. medit under bin/, and archive_mh.pl, new-list, and sequencer under Tools/ uses 'require' in the same way, but since the wrapper only executes those scripts found in the majordomo installation directory, they cannot be exploited.
/*
MAJORDOMO - EX
Exploit-DB
Majordomo 1.94.4/1.94.5 - Local -C Parameter (1)
exploitdb·1999-12-29
CVE-2000-0037 Majordomo 1.94.4/1.94.5 - Local -C Parameter (1)
Majordomo 1.94.4/1.94.5 - Local -C Parameter (1)
---
source: https://www.securityfocus.com/bid/903/info
It is possible for a local user to gain majordomo privileges through a vulnerability which allows privileged arbitrary commands to be executed. If the -C parameter is passed to majordomo (or one of several other scripts) when run with the setuid root wrapper, the argument to -C will be executed with majordomo privileges.
This occurs on several scripts: archive2.pl, bounce-remind, config-test, digest, majordomo, request-answer and resend. medit under bin/, and archive_mh.pl, new-list, and sequencer under Tools/ uses 'require' in the same way, but since the wrapper only executes those scripts found in the majordomo installation directory, they cannot be exploited.
shevek@tirin ~$ cat
1999-12-28
Published