susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries.
http://www.securitytracker.com/id?1005954
http://www.novell.com/linux/security/advisories/2003_005_susehelp.html