mod_rewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.

CPENameOperatorVersion
apache httpdeq2.0.64
apache httpdeq2.0.63
apache httpdeq2.0.61
apache httpdeq2.0.59
apache httpdeq2.0.58
apache httpdeq2.0.55
apache httpdeq2.0.54
apache httpdeq2.0.53
apache httpdeq2.0.52
apache httpdeq2.0.51

Name	Operator	Version
apache httpd	eq	2.0.64
apache httpd	eq	2.0.63
apache httpd	eq	2.0.61
apache httpd	eq	2.0.59
apache httpd	eq	2.0.58
apache httpd	eq	2.0.55
apache httpd	eq	2.0.54
apache httpd	eq	2.0.53
apache httpd	eq	2.0.52
apache httpd	eq	2.0.51

Rows per page:

1-10 of 241

cve 1

ibm 6

openvas 18

checkpoint_advisories 2

nessus 33

ubuntucve 1

prion 1

f5 2

debiancve 1

mageia 1

cisco 1

seebug 1

veracode 2

httpd 1

redhat 6

kaspersky 2

ubuntu 1

freebsd 1

amazon 2

oraclelinux 1

securityvulns 4

centos 1

gentoo 1

suse 1

hackerone 2

oracle 1

cve

CVE-2013-1862

2013-06-10 17:55:00

ibm

Security Bulletin: Potential Security exposure in IBM HTTP Server CVE-2013-1862 PM87808

2022-09-25 23:13:40

Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.7

2022-09-25 21:06:56

Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 7.0.0.31

2018-06-15 06:59:10

openvas

Apache HTTP Server Log Escape Filtering Vulnerability (Jul 2013) - Linux

2021-11-01 00:00:00

Mageia: Security Advisory (MGASA-2013-0174)

2022-01-28 00:00:00

SUSE: Security Advisory (SUSE-SU-2013:1824-1)

2021-06-09 00:00:00

checkpoint_advisories

Apache HTTP Server mod_rewrite RewriteLog Command Execution (CVE-2013-1862)

2013-09-09 00:00:00

Apache HTTP Server mod_rewrite RewriteLog Command Execution - Ver2 (CVE-2013-1862)

2015-03-26 00:00:00

nessus

F5 Networks BIG-IP : Apache vulnerability (SOL15877)

2014-11-28 00:00:00

Mandriva Linux Security Advisory : apache (MDVSA-2013:174)

2013-06-16 00:00:00

IBM HTTP Server 8.5.0.0 <= 8.5.5.0 / 8.0.0.0 <= 8.0.0.6 / 7.0.0.0 <= 7.0.0.29 / 6.1.0.0 <= 6.1.0.45 (491411)

2020-12-11 00:00:00

ubuntucve

CVE-2013-1862

2013-06-10 00:00:00

prion

Command injection

2013-06-10 17:55:00

SOL15877 - Apache vulnerability CVE-2013-1862

2014-11-27 00:00:00

K15877 : Apache vulnerability CVE-2013-1862

2015-06-08 00:00:00

debiancve

CVE-2013-1862

2013-06-10 17:55:00

mageia

Updated apache packages fix security vulnerabilities

2013-06-19 14:11:42

cisco

Apache HTTP Server mod_rewrite Log File Manipulation Vulnerability

2013-05-30 19:48:16

seebug

Apache HTTP Server日志内终端转义序列命令注入漏洞

2013-05-17 00:00:00

veracode

Remote Code Execution (RCE)

2019-01-15 08:57:06

Arbitrary Code Injection

2019-05-02 04:44:51

httpd

Apache Httpd < 2.2.25 : mod_rewrite log escape filtering

2013-03-13 00:00:00

redhat

(RHSA-2013:1133) Moderate: httpd security update

2013-08-05 15:27:06

(RHSA-2013:1134) Moderate: httpd security update

2013-08-05 15:32:30

(RHSA-2013:0815) Moderate: httpd security update

2013-05-13 00:00:00

kaspersky

KLA10068 Multiple vulnerabilities in Apache httpd

2013-07-22 00:00:00

KLA10065 Multiple vulnerabilities in Apache httpd

2013-07-22 00:00:00

ubuntu

Apache HTTP Server vulnerabilities

2013-07-15 00:00:00

freebsd

apache22 -- several vulnerabilities

2013-06-21 00:00:00

amazon

Medium: httpd

2013-05-24 13:56:00

Medium: httpd24

2013-05-24 13:57:00

oraclelinux

httpd security update

2013-05-13 00:00:00

securityvulns

Apache security vulnerabilities

2013-07-15 00:00:00

Apple Mac OS X multiple security vulnerabilities

2014-02-28 00:00:00

APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001

2014-02-28 00:00:00

centos

httpd, mod_ssl security update

2013-05-13 22:32:03

gentoo

Apache HTTP Server: Multiple vulnerabilities

2013-09-23 00:00:00

suse

Security update for apache2 (important)

2014-09-02 21:04:17

hackerone

Marktplaats: Multiple Apache 2.2.22 Vulnerabilities (XSS/ Code Exec/ DoS)

2015-06-09 17:47:58

U.S. Dept Of Defense: Out-of-date Version (Apache)

2016-11-24 15:09:27

oracle

Oracle Critical Patch Update - January 2014

2014-01-14 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.383 Low

EPSS

Percentile

97.2%

JSON

Related for HTTPD:0ABCC6920F62A5A91239DB17A9572874