CVE-2003-0516 Information

Description

cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.

Reference

ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.29-Nov25.tar.gz