Apache < 1.3.31 / 2.0.49 Error Log Escape Sequence Injection

medium Log Correlation Engine Plugin ID 800568

Synopsis

The remote host is vulnerable to a flaw in the way that it displays log files.

Description

The target host is running an Apache web server that allows arbitrary escape sequences to be injected into its error logs. An attacker might use this flaw in an attempt to exploit escape-sequence vulnerabilities in terminal emulators.

Solution

Upgrade to Apache version 1.3.31, 2.0.49 or newer.

See Also

http://www.apacheweek.com/features/security-20

http://www.apacheweek.com/features/security-13

rhn.redhat.com/errata/RHSA-2003-244.html

rhn.redhat.com/errata/RHSA-2003-243.html

rhn.redhat.com/errata/RHSA-2003-139.html

rhn.redhat.com/errata/RHSA-2003-104.html

rhn.redhat.com/errata/RHSA-2003-083.html

rhn.redhat.com/errata/RHSA-2003-082.html

Plugin Details

Severity: Medium

ID: 800568

Family: Web Servers

Nessus ID: 12239

Risk Information

CVSS v2

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:N

Reference Information

CVE: CVE-2003-0020, CVE-2003-0083

BID: 9930