2 matches found
CVE-2001-1130
The CVE-2001-1130 issue involves SuSE Linux versions 6.0–7.2 using the sdbsearch.cgi CGI. The vulnerability allows remote command execution by uploading a keylist.txt containing filenames with shell metacharacters and then triggering a search that uses the HTTP_REFERER to access the directory hol...
CVE-2001-1130
Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer from the HTTPREFERER variable to point to the...