CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
EPSS
Percentile
97.0%
It was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially-crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user (CVE-2013-1862). A buffer overflow when reading digest password file with very long lines in htdigest (PR54893)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 2 | noarch | apache | <Β 2.2.24-1.1 | apache-2.2.24-1.1.mga2 |