Vulnerabilities > CVE-2003-1287 - Denial-Of-Service vulnerability in Server

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

sambar

NVD

Published: 2003-12-31

Updated: 2017-07-11

Summary

Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read the code from the associated device.

Vulnerable Configurations

Part	Description	Count
Application	Sambar Sambar Sambar Server 5.0 Sambar Sambar Server 5.1 Sambar Sambar Server 5.2 Sambar Sambar Server 5.3 Sambar Sambar Server 6.0	17

References

http://archives.neohapsis.com/archives/bugtraq/2004-04/0353.html
http://secunia.com/advisories/9578
http://securitytracker.com/id?1007819
http://www.idefense.com/application/poi/display?id=103&type=vulnerabilities&flashstatus=true
http://www.osvdb.org/5781
http://www.sambar.com/security.htm
https://exchange.xforce.ibmcloud.com/vulnerabilities/16059