Description
susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries.
Affected products
- SUSE / office_server
- SUSE / suse_linux8 – 8
- SUSE / suse_linux8.1 – 8.1
- SUSE / suse_linux_openexchange_server4.0 – 4.0