PT-2003-2483 · Suse · Office Server+3
Publicado
2003-12-31
·
Atualizado
2008-09-05
·
CVE-2003-1538
CVSS v2.0
6.4
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
SuSE Linux versions 8.1
Enterprise Server version 8
Office Server (affected versions not specified)
Openexchange Server version 4
Description
The issue is related to the susehelp component, which does not properly filter shell metacharacters. This allows remote attackers to execute arbitrary commands via CGI queries.
Recommendations
For SuSE Linux version 8.1, update the susehelp component to properly filter shell metacharacters.
For Enterprise Server version 8, update the susehelp component to properly filter shell metacharacters.
For Office Server, at the moment, there is no information about a newer version that contains a fix for this issue.
For Openexchange Server version 4, update the susehelp component to properly filter shell metacharacters.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Enterprise Server
Office Server
Open-Xchange Server
Suse Linux