CVE-2003-1538Improper Input Validation in Linux

CWE-20Improper Input Validation3 documents3 sources
Severity
6.4MEDIUMNVD
EPSS
0.5%
top 34.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Suse LinuxSuse Linux Openexchange Server
Timeline
PublishedDec 31
Latest updateApr 29

Description

susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages2 packages

NVDsuse/suse_linux8, 8.1+1

Patches

Patch: secunia.comPatch: www.securitytracker.comPatch: secunia.com

🔴Vulnerability Details

2
GHSA
GHSA-chm7-w788-3xfh: susehelp in SuSE Linux 82022-04-29
CVEList
CVE-2003-1538: susehelp in SuSE Linux 82007-12-20
CVE-2003-1538 — Improper Input Validation in Suse Linux | cvebase