CVE-2003-1538

CVE-2003-1538 affects SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 where susehelp does not properly filter shell metacharacters in CGI queries, enabling remote attackers to execute arbitrary commands. The underlying cause is inadequate sanitization of shell metach...

SUSE-SA:2003:005: susehelp

The remote host is missing the patch for the advisory SUSE-SA:2003:005 susehelp. During a code review of the susehelp package the SUSE Security Team recognized that the security checks done by the susehelp CGI scripts are insufficient. Remote attackers can insert certain characters in CGI queries...

SuSE Security Announcement: susehelp (SuSE-SA:2003:005)

-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: susehelp Announcement-ID: SuSE-SA:2003:005 Date: Mon Jan 20 14:00:00 CET 2003 Affected products: SuSE Linux 8.1, SuSE Linux Enterprise Server 8, SuSE Linux Office Server, SuSE Linux Openexchange Server 4 Vulnerability Type:...

CVE-2001-0918

This CVE concerns vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 that allow remote command execution due to insecure file handling. Affected are the susehelp CGI scripts; the underlying issue is not opening files securely, enabling unauthorized command execution. The provided docu...

SuSE Security Announcement: susehelp

-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: susehelp Announcement-ID: SuSE-SA:2001:041 Date: Thu Nov 22 11:36:00 MET 2001 Affected SuSE versions: 7.2, 7.3 Vulnerability Type: remote command execution Severity 1-10: 8 SuSE default package: yes Other affected systems: no...