CVE-2003-0020
Published Mar 18, 2003
Last updated a year ago
Overview
- Description
- Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Vendor comments
- ApacheFixed in Apache HTTP Server 2.0.49 and 1.3.31 http://httpd.apache.org/security/vulnerabilities_20.html http://httpd.apache.org/security/vulnerabilities_13.html
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44B59C66-C5B3-4682-BB43-A390B4093828",
"versionEndExcluding": "1.3.31",
"versionStartIncluding": "1.3.0"
},
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28A956D5-032E-4DBE-8201-B60B44BDCF01",
"versionEndExcluding": "2.0.49",
"versionStartIncluding": "2.0.0"
}
],
"operator": "OR"
}
]
}
]