Description

Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.

Remediation

References

CVE-2003-0020

Related Vulnerabilities

WordPress Plugin WordPress File Upload Multiple Vulnerabilities (2.7.6)

Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3546)

Jboss EAP Improper Authentication Vulnerability (CVE-2012-0874)

WordPress Plugin Hustle-Pop-Ups, Slide-ins and Email Opt-ins CSV Injection (6.0.7)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-0442)

Severity

Medium

Classification

CVE-2003-0020

Tags

Missing Update Known Vulnerabilities