Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0020

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0020
Last Modified 05 Sep 2008 04:33:14
Published 18 Mar 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0020

Summary

Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.

Vulnerable Systems

Application

  • Apache Http Server


References

BID - 9930

XF - apache-esc-seq-injection(11412)

BUGTRAQ - 20030224 Terminal Emulator Security Issues

TRUSTIX - 2004-0027

TRUSTIX - 2004-0017

SLACKWARE - SSA:2004-133

REDHAT - RHSA-2003:244

REDHAT - RHSA-2003:243

REDHAT - RHSA-2003:139

REDHAT - RHSA-2003:104

REDHAT - RHSA-2003:083

REDHAT - RHSA-2003:082

MANDRAKE - MDKSA-2003:050

SUNALERT - 57628

SUNALERT - 101555

GENTOO - GLSA-200405-22

HP - SSRT4717

BUGTRAQ - 20040512 [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache)

APPLE - APPLE-SA-2004-05-03

MANDRAKE - MDKSA-2004:046


Last Updated: 27 May 2016 10:37:45