Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0084

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0084
Last Modified 05 Sep 2008 04:33:25
Published 12 May 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0084

Summary

mod_auth_any package in Red Hat Enterprise Linux 2.1 and other operating systems does not properly escape arguments when calling other programs, which allows attackers to execute arbitrary commands via shell metacharacters.

Vulnerable Systems

Application

  • Mod Auth Any 1.2.2


References

BID - 7448

REDHAT - RHSA-2003:114

XF - modauthany-command-execution(11893)

REDHAT - RHSA-2003:113

CONFIRM - http://www.itlab.musc.edu/webNIS/mod_auth_any.html

CIAC - N-090


Last Updated: 27 May 2016 10:37:46