Lucene search

[email protected]CVE-2003-0516

HistoryAug 18, 2003 - 4:00 a.m.

CVE-2003-0516

2003-08-1804:00:00

[email protected]

web.nvd.nist.gov

cve-2003-0516

mgetty

remote code execution

shell metacharacters

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.2%

JSON

cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.

Affected configurations

NVD

Node

gert_doeringmgettyRange≤1.1.28

CPENameOperatorVersion
gert_doering:mgettygert doering mgettyle1.1.28

CPE	Name	Operator	Version
gert_doering:mgetty	gert doering mgetty	le	1.1.28

References

ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.29-Nov25.tar.gz

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.2%

JSON

Related for CVE-2003-0516

cvelist1 debiancve1 nvd1