CVE-2003-0020
published 2003-03-18CVE-2003-0020: Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal…
medium5CVSS 3.1
AVNACLAuNCNIPAN
EXPLOIT
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | >= 1.3.0 < 1.3.26 | 1.3.26 |
| apache | http_server | >= 1.3.0 < 1.3.31 | 1.3.31 |
| apache | http_server | >= 2.0.0 < 2.0.46 | 2.0.46 |
| apache | http_server | >= 2.0.0 < 2.0.49 | 2.0.49 |
| debian | apache2 | < apache2 2.0.46 (bookworm) | apache2 2.0.46 (bookworm) |
| debian | apache2 | < apache2 2.0.49 (bookworm) | apache2 2.0.49 (bookworm) |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
osv5.0MEDIUM