Vulnerability Description
susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Suse | Suse Linux Openexchange Server | 4.0 |
| Suse | Office Server | All versions |
| Suse | Suse Linux | 8 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/7906PatchVendor Advisory
- http://www.novell.com/linux/security/advisories/2003_005_susehelp.html
- http://www.securitytracker.com/id?1005954Patch
- http://secunia.com/advisories/7906PatchVendor Advisory
- http://www.novell.com/linux/security/advisories/2003_005_susehelp.html
- http://www.securitytracker.com/id?1005954Patch
FAQ
What is CVE-2003-1538?
CVE-2003-1538 is a vulnerability with a CVSS score of 6.4 (MEDIUM). susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via...
How severe is CVE-2003-1538?
CVE-2003-1538 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1538?
Check the references section above for vendor advisories and patch information. Affected products include: Suse Suse Linux Openexchange Server, Suse Office Server, Suse Suse Linux.