CVE-2003-1287 | Vulnerability Database | Aqua Security

Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read the code from the associated device.

Affected Software

Name	Vendor	Start Version	End Version
Sambar_server	Sambar	5.0 (including)	5.0 (including)
Sambar_server	Sambar	5.0-beta1 (including)	5.0-beta1 (including)
Sambar_server	Sambar	5.0-beta2 (including)	5.0-beta2 (including)
Sambar_server	Sambar	5.0-beta3 (including)	5.0-beta3 (including)
Sambar_server	Sambar	5.0-beta4 (including)	5.0-beta4 (including)
Sambar_server	Sambar	5.0-beta5 (including)	5.0-beta5 (including)
Sambar_server	Sambar	5.0-beta6 (including)	5.0-beta6 (including)
Sambar_server	Sambar	5.1 (including)	5.1 (including)
Sambar_server	Sambar	5.1-beta1 (including)	5.1-beta1 (including)
Sambar_server	Sambar	5.1-beta2 (including)	5.1-beta2 (including)
Sambar_server	Sambar	5.1-beta3 (including)	5.1-beta3 (including)
Sambar_server	Sambar	5.1-beta4 (including)	5.1-beta4 (including)
Sambar_server	Sambar	5.1-beta5 (including)	5.1-beta5 (including)
Sambar_server	Sambar	5.2 (including)	5.2 (including)
Sambar_server	Sambar	5.3 (including)	5.3 (including)
Sambar_server	Sambar	6.0-beta1 (including)	6.0-beta1 (including)
Sambar_server	Sambar	6.0-beta2 (including)	6.0-beta2 (including)

References

http://archives.neohapsis.com/archives/bugtraq/2004-04/0353.html
http://secunia.com/advisories/9578
http://securitytracker.com/id?1007819
http://www.idefense.com/application/poi/display?id=103\u0026type=vulnerabilities\u0026flashstatus=true
http://www.osvdb.org/5781
http://www.sambar.com/security.htm
https://exchange.xforce.ibmcloud.com/vulnerabilities/16059

NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-1287
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html