Vulnerabilities > CVE-2003-1202 - Remote Command Execution vulnerability in Omail Webmail 0.97.3/0.98.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username. Fixed in version 0.98.5. However, there is a report that version 0.98.5 is still affected by this vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |