Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0516

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0516
Last Modified 10 Sep 2008 03:19:29
Published 18 Aug 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0516

Summary

cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.

Vulnerable Systems

Application

  • Gert Doering Mgetty 1.1.28


References

CONFIRM - ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.29-Nov25.tar.gz


Last Updated: 27 May 2016 10:37:56