PT-2003-1356 · Red Hat+1 · Red Hat+1

Daniel Jarboe

Published

2003-04-29

Updated

2017-07-11

CVE-2003-0084

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Linux version 2.1 mod auth any (affected versions not specified)

Description The issue is related to the mod auth any package, which does not properly escape arguments when calling other programs. This allows attackers to execute arbitrary commands via shell metacharacters.

Recommendations For Red Hat Enterprise Linux version 2.1, update the mod auth any package to a version that properly escapes arguments. For mod auth any, consider disabling the execution of external programs until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0084

Affected Products

Red Hat

Mod Auth Any

PT-2003-1356 · Red Hat+1 · Red Hat+1

CVE-2003-0084

Related Identifiers

Affected Products

References · 7