CVE-2003-0020 Information
Share on:Description
Apache does not filter terminal escape sequences from its error logs which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
Reference
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046 http://marc.info/?l=bugtraq&m=104612710031920&w=2 http://marc.info/?l=bugtraq&m=108369640424244&w=2 http://marc.info/?l=bugtraq&m=108437852004207&w=2 http://marc.info/?l=bugtraq&m=108731648532365&w=2 http://security.gentoo.org/glsa/glsa-200405-22.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1 http://www.iss.net/security_center/static/11412.php http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:050 http://www.redhat.com/support/errata/RHSA-2003-082.html http://www.redhat.com/support/errata/RHSA-2003-083.html http://www.redhat.com/support/errata/RHSA-2003-104.html http://www.redhat.com/support/errata/RHSA-2003-139.html http://www.redhat.com/support/errata/RHSA-2003-243.html http://www.redhat.com/support/errata/RHSA-2003-244.html http://www.securityfocus.com/bid/9930 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643 http://www.trustix.org/errata/2004/0017 http://www.trustix.org/errata/2004/0027 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@3Ccvs.httpd.apache.org3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@3Ccvs.httpd.apache.org3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@3Ccvs.httpd.apache.org3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@3Ccvs.httpd.apache.org3E https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A100109 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A150 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A4114