cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.
References
Link | Resource |
---|---|
ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.29-Nov25.tar.gz | Patch |
Configurations
History
No history.
Information
Published : 2003-08-18 04:00
Updated : 2024-02-28 10:24
NVD link : CVE-2003-0516
Mitre link : CVE-2003-0516
CVE.ORG link : CVE-2003-0516
JSON object : View
Products Affected
gert_doering
- mgetty
CWE