CVE-2003-0083

Apache <1.3.25 & <2.0.46 - Info Disclosure

Title source: llm
STIX 2.1

Description

Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.

References (22)

Core 22
Core References
Third Party Advisory vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A151
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/8146
Issue Tracking, Third Party Advisory mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108034113406858&w=2
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-139.html
Issue Tracking, Third Party Advisory mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108024081011678&w=2

Scores

EPSS 0.1741
EPSS Percentile 96.8%

Details

Status published
Products (1)
apache/http_server 1.3.0 - 1.3.26
Published Apr 02, 2003
Tracked Since Feb 18, 2026