CVE-2003-1287
Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read the code from the associated device.
Date published : 2005-11-21
http://archives.neohapsis.com/archives/bugtraq/2004-04/0353.html