CVE-2005-1960 Information

Description

The getemails function in C.J. Steele Tattle allows remote attackers to execute arbitrary commands via shell metacharacters in certain log entries as demonstrated using shell metacharacters in an FTP username.

Reference

http://secunia.com/advisories/15582 http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2005-06/0057.html