Vulnerability Details CVE-2003-1287
Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read the code from the associated device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.8%
CVSS Severity
CVSS v2 Score 4.6
References
- http://archives.neohapsis.com/archives/bugtraq/2004-04/0353.html
- http://secunia.com/advisories/9578
- http://securitytracker.com/id?1007819
- http://www.idefense.com/application/poi/display?id=103&type=vulnerabilities&flashstatus=true
- http://www.osvdb.org/5781
- http://www.sambar.com/security.htm
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16059
- http://archives.neohapsis.com/archives/bugtraq/2004-04/0353.html
- http://secunia.com/advisories/9578
- http://securitytracker.com/id?1007819
- http://www.idefense.com/application/poi/display?id=103&type=vulnerabilities&flashstatus=true
- http://www.osvdb.org/5781
- http://www.sambar.com/security.htm
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16059
Products affected by CVE-2003-1287
-
cpe:2.3:a:sambar:sambar_server:5.0
-
cpe:2.3:a:sambar:sambar_server:5.1
-
cpe:2.3:a:sambar:sambar_server:5.2
-
cpe:2.3:a:sambar:sambar_server:5.3
-
cpe:2.3:a:sambar:sambar_server:6.0