Apache < 1.3.31 / 2.0.49 Error Log Escape Sequence Injection

Log Correlation Engine Plugin ID 800568 (Severity: Medium)

Synopsis

The remote host is vulnerable to a flaw in the way that it displays log files.

Description

The target host is running an Apache web server that allows arbitrary escape sequences to be injected into its error logs. An attacker might use this flaw in an attempt to exploit escape-sequence handling vulnerabilities in terminal emulators.
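For reviewing an error log written by an affected server, the following added example (not part of the plugin or of Apache) flags lines that contain raw control bytes and renders them with those bytes escaped, so the log can be read without the terminal interpreting them. The function names `scan` and `neutralise` are hypothetical, and the sample log lines are constructed.

```python
import re

# Raw C0 control bytes (tab excepted) and DEL have no place in an error log.
# ESC (0x1b) is the byte that opens a terminal escape sequence.
CONTROL = re.compile(rb"[\x00-\x08\x0b-\x1f\x7f]")


def neutralise(line: bytes) -> str:
    """Render a log line as printable text: each control byte becomes \\xHH."""
    body = line.rstrip(b"\r\n")
    safe = CONTROL.sub(lambda m: b"\\x%02x" % m.group()[0], body)
    # Bytes that are not valid UTF-8 are escaped as well instead of raising.
    return safe.decode("utf-8", errors="backslashreplace")


def scan(lines):
    """Yield (line_number, contains_esc, safe_text) for suspicious lines."""
    for number, line in enumerate(lines, 1):
        body = line.rstrip(b"\r\n")
        if CONTROL.search(body):
            yield number, b"\x1b" in body, neutralise(body)


# Constructed sample: one ordinary entry and two carrying harmless sequences
# (set colour, clear screen) in the request path.
SAMPLE = [
    b"[Mon Mar 15 10:12:01 2004] [error] [client 192.0.2.10] "
    b"File does not exist: /var/www/html/favicon.ico\n",
    b"[Mon Mar 15 10:12:07 2004] [error] [client 192.0.2.77] "
    b"File does not exist: /var/www/html/\x1b[31mx\n",
    b"[Mon Mar 15 10:12:09 2004] [error] [client 192.0.2.77] "
    b"Invalid URI in request GET /\x1b[2J HTTP/1.0\n",
]

if __name__ == "__main__":
    # For a real file, open it in binary mode: scan(open(path, "rb")).
    for number, has_esc, text in scan(SAMPLE):
        tag = "ESC" if has_esc else "CTRL"
        print(f"line {number} [{tag}]: {text}")
```

Reading the file in binary mode matters: decoding it first, or paging it with a tool that passes raw bytes through, would hand the sequences to the terminal before they are checked.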

Solution

Upgrade to Apache version 1.3.31, 2.0.49 or newer.

See Also

rhn.redhat.com/errata/RHSA-2003-244.html

rhn.redhat.com/errata/RHSA-2003-243.html

rhn.redhat.com/errata/RHSA-2003-139.html

rhn.redhat.com/errata/RHSA-2003-104.html

rhn.redhat.com/errata/RHSA-2003-083.html

rhn.redhat.com/errata/RHSA-2003-082.html

http://www.apacheweek.com/features/security-13

http://www.apacheweek.com/features/security-20

Plugin Details

Severity: Medium

ID: 800568

File Name: 800568.prm

Family: Web Servers

Nessus ID: 12239

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 8.8

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Reference Information

CVE: CVE-2003-0083, CVE-2003-0020

BID: 9930