Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2003-0020HistorySep 01, 2004 - 4:00 a.m.
CVE-2003-0020
2004-09-0104:00:00
Debian Security Bug Tracker
security-tracker.debian.org
22
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.01 Low
EPSS
Percentile
83.9%
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | apache2 | < 2.0.49 | apache2_2.0.49_all.deb |
| Debian | 11 | all | apache2 | < 2.0.49 | apache2_2.0.49_all.deb |
| Debian | 999 | all | apache2 | < 2.0.49 | apache2_2.0.49_all.deb |
| Debian | 13 | all | apache2 | < 2.0.49 | apache2_2.0.49_all.deb |
Related
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.0.40-21
2003-02-24 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.0.40-21
2003-02-24 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.0.40-21
2003-02-24 00:00:00
httpd
httpd
Apache Httpd < 1.3.31 : Error log escape filtering
2003-02-24 00:00:00
Apache Httpd < 2.0.49 : Error log escape filtering
2003-02-24 00:00:00
nessus
nessus
Apache < 1.3.31 / 2.0.49 Log Entry Terminal Escape Sequence Injection
2004-05-17 00:00:00
Fedora Core 1 : httpd-2.0.49-1.1 (2004-117)
2004-07-23 00:00:00
RHEL 2.1 : apache (RHSA-2003:244)
2004-07-06 00:00:00
openvas
openvas
SLES9: Security update for Apache2
2009-10-10 00:00:00
Apache HTTP Server Error Log Escape Sequence Injection Vulnerability
2005-11-03 00:00:00
SLES9: Security update for Apache2
2009-10-10 00:00:00
nvd
nvd
CVE-2003-0020
2003-03-18 05:00:00
CVE-2003-0083
2003-04-02 05:00:00
cve
cve
CVE-2003-0020
2004-09-01 04:00:00
CVE-2003-0083
2003-04-02 05:00:00
ubuntucve
ubuntucve
CVE-2003-0020
2003-03-18 00:00:00
cvelist
cvelist
CVE-2003-0020
2004-09-01 04:00:00
CVE-2003-0083
2003-03-28 05:00:00
seebug
seebug
jetty 6.x - 7.x xss, information disclosure, injection
2014-07-01 00:00:00
jetty 6.x - 7.x xss information disclosure injection
2009-10-26 00:00:00
jetty 6.x - 7.x xss information disclosure injection
2009-10-26 00:00:00
packetstorm
packetstorm
Jetty 6.x / 7.x Information Disclosure / XSS
2009-10-26 00:00:00
Nginx, Varnish, Cherokee, etc Log Injection
2010-01-11 00:00:00
securityvulns
securityvulns
Jetty 6.x and 7.x Multiple Vulnerabilities
2009-10-26 00:00:00
SUSE Security Announcement: cvs (SuSE-SA:2004:008)
2004-04-15 00:00:00
exploitpack
exploitpack
jetty 6.x 7.x - Cross-Site Scripting Information Disclosure Injection
2009-10-26 00:00:00
redhat
redhat
(RHSA-2003:244) apache security update
2003-09-22 00:00:00
debiancve
debiancve
CVE-2003-0083
2003-04-02 05:00:00
exploitdb
exploitdb
cert
cert
Apache vulnerable to DoS
2003-04-08 00:00:00
gentoo
gentoo
Apache 1.3: Multiple vulnerabilities
2004-05-26 00:00:00
slackware
slackware
apache
2004-05-12 16:54:58
suse
suse
remote file creation in kdelibs/kdelibs3
2004-05-26 11:35:37
remote code execution in cvs
2004-04-14 15:54:44
local privilege escalation in mc
2004-05-14 14:09:57
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.01 Low
EPSS
Percentile
83.9%
Related for DEBIANCVE:CVE-2003-0020