CVE-2007-3011

The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter.

Date published : 2007-07-05

http://www.securityfocus.com/bid/24762

http://www.securityfocus.com/archive/1/472800/100/0/threaded