Description
xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.
Product(s):
- XLi 1.14
- XLi 1.15
- XLi 1.16
- XLi 1.17
- ALT Linux 2.3 Compact Edition
- ALT Linux 2.3 Junior Edition
- SuSE SuSE Linux 1.0
- SuSE SuSE Linux 2.0
- SuSE SuSE Linux 3.0
- SuSE SuSE Linux 4.0
- SuSE SuSE Linux 4.2
- SuSE SuSE Linux 4.3
- SuSE SuSE Linux 4.4.1
- SuSE SuSE Linux 4.4
- SuSE SuSE Linux 5.0
- SuSE SuSE Linux 5.1
- SuSE SuSE Linux 5.2
- SuSE SuSE Linux 5.3
- SuSE SuSE Linux 6.0
- SuSE SuSE Linux 6.1
- SuSE SuSE Linux 6.1 alpha
- SuSE SuSE Linux 6.2
- SuSE SuSE Linux 6.3
- SUSE Linux 6.3 on PPC
- SuSE SuSE Linux 6.3 alpha
- SuSE SuSE Linux 6.4
- SUSE Linux 6.4 on i386
- SUSE Linux 6.4 on PPC
- SuSE SuSE Linux 6.4 alpha
- SuSE SuSE Linux 7.0
- SUSE Linux 7.0 on i386
- SUSE Linux 7.0 on PPC
- SUSE Linux 7.0 on SPARC
- SuSE SuSE Linux 7.0 alpha
- SuSE SuSE Linux 7.1
- SUSE Linux 7.1
- SUSE Linux 7.1 on SPARC
- SUSE Linux 7.1 on x86
- SuSE SuSE Linux 7.1 alpha
- SuSE SuSE Linux 7.2
- SUSE Linux 7.2 on i386
- SuSE SuSE Linux 7.3
- SUSE Linux 7.3 on i386
- SUSE Linux 7.3 on PPC
- SUSE Linux 7.3 on SPARC
- SuSE SuSE Linux 8.0
- SUSE Linux 8.0 on i386
- SuSE SuSE Linux 8.0 alpha
- SuSE SuSE Linux 8.1
- SuSE SuSE Linux 8.2
- SuSE SuSE Linux 9.0
- Suse Suse Linux 9.0 Enterprise Server Edition
- SUSE Linux 9.0 x86_64
- SuSE SuSE Linux 9.1
- SUSE Linux 9.1 on x86_64
- SuSE SuSE Linux 9.2
- SUSE Linux 9.2 on x86_64
- SuSE SuSE Linux 9.3
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-0638, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-0638 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.