CVE-2003-0020 — MEDIUM (5.0)

Q: How severe is CVE-2003-0020?

CVE-2003-0020 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2003-0020?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server.

Vulnerability Description

Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Apache	Http Server	>= 1.3.0, < 1.3.31

References

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.htmlBroken Link
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046Third Party Advisory
http://marc.info/?l=bugtraq&m=104612710031920&w=2Third Party Advisory
http://marc.info/?l=bugtraq&m=108369640424244&w=2Third Party Advisory
http://marc.info/?l=bugtraq&m=108437852004207&w=2Third Party Advisory
http://marc.info/?l=bugtraq&m=108731648532365&w=2Third Party Advisory
http://security.gentoo.org/glsa/glsa-200405-22.xmlThird Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1Broken Link
http://www.iss.net/security_center/static/11412.phpBroken Link
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:050Broken Link
http://www.redhat.com/support/errata/RHSA-2003-082.htmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2003-083.htmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2003-104.htmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2003-139.htmlThird Party Advisory

FAQ

What is CVE-2003-0020?

CVE-2003-0020 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to e...

How severe is CVE-2003-0020?

CVE-2003-0020 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2003-0020?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server.