CVE-2002-1536 Information

Description

Molly IRC bot 0.5 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $host variable for nslookup.pl (2) the $to $from or $message variables in pop.pl (3) the $words or $text variables in sms.pl or (4) the $server or $printer variables in hpled.pl.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0028.html http://online.securityfocus.com/archive/1/296163 http://www.iss.net/security_center/static/10397.php http://www.securityfocus.com/bid/6007