Nootka 1.4.4 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.