CVE-2003-0516
Summary
cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published