Steve Kemp discovered a security related problem in jitterbug, a
simple CGI based bug tracking and reporting tool Unfortunately the
program executions do not properly sanitize input, which allows an
attacker to execute arbitrary commands on the server hosting the bug
database As mitigating factors these attacks are only available to
non-guest use ...