CVE-2013-1862
published 2013-06-10CVE-2013-1862: mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters…
medium5.1CVSS 3.1
AVNACHAuNCPIPAP
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | >= 2.0.0 < 2.0.65 | 2.0.65 |
| apache | http_server | >= 2.2.0 < 2.2.25 | 2.2.25 |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | apache2 | < apache2 2.4.1-1 (bookworm) | apache2 2.4.1-1 (bookworm) |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| oracle | http_server | — | — |
| oracle | http_server | — | — |
| oracle | http_server | — | — |
| oracle | http_server | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | jboss_enterprise_application_platform | — | — |
CVSS provenance
nvd5.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
osv5.1MEDIUM