Remote Command Execution Vulnerability in SuSE Linux Products
CVE-2003-1538

Currently unrated

Key Information:

Vendor: Suse
Status: Office Server; Suse Linux; Suse Linux Openexchange Server
Vendor: CVE Published:; 31 December 2003

Summary

The vulnerability in SuSE Linux products arises from improper filtering of shell metacharacters in the susehelp component. This flaw enables remote attackers to exploit CGI queries, potentially leading to the execution of arbitrary commands on affected systems. System administrators should be aware of this risk, as it can compromise the integrity and security of the server environment.

References

http://secunia.com/advisories/7906

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id?1005954

vdb-entryx_refsource_SECTRACK

http://www.novell.com/linux/security/advisories/2003_005_...

vendor-advisoryx_refsource_SUSE

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2003