CVE-2003-0516

EPSS 0.90%

Published: 8/18/2003Modified: 4/28/2026

Description

cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.

Affected packages (1)

Debian/mgettyfrom 0, < 1.1.29

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2003-0516