CVE-2003-1287
Summary
Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read the code from the associated device.
- LOW
- LOCAL
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published