Oval Definition:oval:org.mitre.oval:def:4114
Revision Date:2004-12-09Version:16
Title:Apache Error Log Escape Sequence Injection Vulnerability
Description:Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0020
Platform(s):Sun Solaris 8
Sun Solaris 9
Product(s):Apache
Definition Synopsis
  • Software section
  • Solaris 8 or 9 installed
  • Solaris 8 Installed
  • OR Solaris 9 Installed
  • AND NOT Patch 116973-01 or later installed
  • AND NOT Patch 113146-05 or later installed
  • AND Apache (SUNWapchu) installed
  • AND Configuration section
  • Apache running (httpd)
    • BACK