CVE Vulnerabilities

CVE-2003-1202

Published: Aug 19, 2003 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username.

Affected Software

Name Vendor Start Version End Version
Omail_webmail Omail 0.97.3 0.97.3
Omail_webmail Omail 0.98.4 0.98.4

References