Arbitrary Command Execution in mgetty 1.1.28 and Earlier
CVE-2003-0516 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.
Learn more about our Web Application Penetration Testing UK.