Vulnerability Name:

CVE-2013-1862 (CCN-84111)

Assigned:2013-04-19
Published:2013-04-19
Updated:2022-09-14
Summary:mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
CVSS v3 Severity:5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.1 Medium (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2013-1862

Source: CCN
Type: Apache Web site
Download - The Apache HTTP Server Project

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2013:1337

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2013:1340

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2013:1341

Source: CONFIRM
Type: Patch, Vendor Advisory
http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch

Source: CCN
Type: RHSA-2013-0815
Moderate: httpd security update

Source: REDHAT
Type: Third Party Advisory
RHSA-2013:0815

Source: CCN
Type: RHSA-2013-1133
Moderate: httpd security update

Source: CCN
Type: RHSA-2013-1207
Moderate: Red Hat JBoss Enterprise Application Platform 6.1.1 update

Source: REDHAT
Type: Third Party Advisory
RHSA-2013:1207

Source: CCN
Type: RHSA-2013-1208
Moderate: Red Hat JBoss Enterprise Application Platform 6.1.1 update

Source: REDHAT
Type: Third Party Advisory
RHSA-2013:1208

Source: REDHAT
Type: Third Party Advisory
RHSA-2013:1209

Source: CCN
Type: EMC Security Advisory ESA-2015-043
RSA Validation Manager Security Update for Multiple Vulnerabilities

Source: CCN
Type: SA53154
Apache HTTP Server mod_rewrite Vulnerability

Source: CCN
Type: SA54320
Apache HTTP Server mod_rewrite and "httpOnly" Cookie Disclosure Vulnerabilities

Source: CCN
Type: SA54501
Cisco Unified Computing System Apache HTTP Server Vulnerability

Source: CCN
Type: SA54918
HP-UX Apache Web Server Suite mod_rewrite and mod_dav Vulnerabilities

Source: CCN
Type: SA55032
Oracle Solaris Apache HTTP Server Multiple Vulnerabilities

Source: SECUNIA
Type: Not Applicable
55032

Source: CCN
Type: SA55884
Fujitsu Multiple Products Multiple Vulnerabilities

Source: CCN
Type: SA56555
Avaya Aura Application Enablement Services Multiple Vulnerabilities

Source: CCN
Type: Apple Web site
About the security content of OS X Mavericks v10.9.2 and Security Update 2014-001

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT6150

Source: CCN
Type: Apache SVN Repository
Propose minor security fix for mod_rewrite

Source: CONFIRM
Type: Patch, Vendor Advisory
http://svn.apache.org/viewvc?view=revision&revision=r1469311

Source: CCN
Type: Cisco Security Notice
Apache HTTP Server mod_rewrite Log File Manipulation Vulnerability

Source: CISCO
Type: Broken Link
20130822 Apache HTTP Server mod_rewrite Log File Manipulation Vulnerability

Source: CCN
Type: IBM Security Bulletin 1635991
Potential Security exposure in IBM HTTP Server CVE-2013-1862 PM87808

Source: CCN
Type: IBM Security Bulletin 1644047
Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.7

Source: CONFIRM
Type: Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21644047

Source: CCN
Type: IBM Security Bulletin 1647522
Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 6.1.0.47

Source: CCN
Type: IBM Security Bulletin 1661323
Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 7.0.0.31

Source: CCN
Type: RSA Web site
Validation Manager

Source: CCN
Type: Fujitsu Web Site
Interstage HTTP Server/ Interstage HTTP Server 2.2: Security Vulnerabilities(CVE-2011-3607/ CVE-2012-3499/ CVE-2012-2687/ CVE-2013-1862). November 26th, 2013

Source: CONFIRM
Type: Third Party Advisory
http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html

Source: MANDRIVA
Type: Broken Link
MDVSA-2013:174

Source: CCN
Type: Oracle Web site
Oracle Critical Patch Update Advisory - January 2014

Source: CONFIRM
Type: Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Source: BID
Type: Third Party Advisory, VDB Entry
59826

Source: CCN
Type: BID-59826
Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability

Source: BID
Type: Third Party Advisory, VDB Entry
64758

Source: CCN
Type: BID-64758
RETIRED: Oracle January 2014 Critical Patch Update Multiple Vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-1903-1

Source: CCN
Type: Red Hat Bugzilla Bug 953729
CVE-2013-1862 httpd: mod_rewrite allows terminal escape sequences to be written to the log file

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=953729

Source: CCN
Type: ASA-2013-285
httpd security update (RHSA-2013-0815)

Source: XF
Type: UNKNOWN
apache-cve20131862-command-exec(84111)

Source: HP
Type: Broken Link
SSRT101288

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:18790

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:19534

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2013-1862

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:http_server:*:*:*:*:*:*:*:* (Version >= 2.2.0 and < 2.2.25)
  • OR cpe:/a:apache:http_server:*:*:*:*:*:*:*:* (Version >= 2.0.0 and < 2.0.65)

    • Configuration 2:
  • cpe:/a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*

    • Configuration 6:
  • cpe:/o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:12.2:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:http_server:2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.14:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.15:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.16:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.18:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.19:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.20:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.21:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.24:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.22:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.23:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:unified_computing_system_(managed):2.2(5b)a:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.9:*:*:*:*:*:*:*
  • OR cpe:/a:fujitsu:interstage_application_server:10.0.0:*:*:*:enterprise:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.9.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.7.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.7.5:*:*:*:*:*:*:*
  • OR cpe:/a:emc:rsa_validation_manager:3.2:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20131862
    V
    		CVE-2013-1862
    2022-05-20
    oval:org.opensuse.security:def:33045
    P
    		Security update for postgresql96 (Important)
    2021-11-22
    oval:org.opensuse.security:def:32214
    P
    		Security update for pcre (Moderate)
    2021-11-10
    oval:org.opensuse.security:def:33006
    P
    		Security update for openssl (Low)
    2021-09-20
    oval:org.opensuse.security:def:26123
    P
    		Security update for openssl-1_0_0 (Low)
    2021-09-09
    oval:org.opensuse.security:def:32158
    P
    		Security update for dbus-1 (Important)
    2021-08-02
    oval:org.opensuse.security:def:31634
    P
    		Security update for qemu (Important)
    2021-06-08
    oval:org.opensuse.security:def:36082
    P
    		apache2-2.2.12-1.51.52.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36370
    P
    		apache2-2.2.12-1.51.52.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42489
    P
    		apache2-2.2.12-1.51.52.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:26057
    P
    		Security update for libX11 (Moderate)
    2021-05-26
    oval:org.opensuse.security:def:26208
    P
    		Security update for git (Important)
    2021-03-09
    oval:org.opensuse.security:def:26204
    P
    		Security update for freeradius-server (Low)
    2021-03-04
    oval:org.opensuse.security:def:32263
    P
    		Security update for java-1_8_0-ibm (Important)
    2021-02-26
    oval:org.opensuse.security:def:25973
    P
    		Security update for the Linux Kernel (Important)
    2020-12-09
    oval:org.opensuse.security:def:31560
    P
    		Security update for python-cryptography (Moderate)
    2020-12-04
    oval:org.opensuse.security:def:32002
    P
    		Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:25995
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27333
    P
    		xorg-x11-libXrender-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25632
    P
    		Security update for aspell (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26363
    P
    		Security update for libgit2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31766
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:25931
    P
    		Security update for libcares2 (Low)
    2020-12-01
    oval:org.opensuse.security:def:26695
    P
    		fetchmail on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25631
    P
    		Security update for tar (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26349
    P
    		Security update for redis (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26496
    P
    		Security update for tmux (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25920
    P
    		Security update for gstreamer-plugins-base (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26651
    P
    		xen on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26310
    P
    		Security update for Cloud Compute 12 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26345
    P
    		Security update for libgit2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25916
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:32368
    P
    		Security update for tar (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25919
    P
    		Security update for libplist (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26637
    P
    		ruby on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26261
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25835
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:27080
    P
    		apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31549
    P
    		Security update for screen (Low)
    2020-12-01
    oval:org.opensuse.security:def:32324
    P
    		Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:26598
    P
    		libpulse-browse0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25707
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27045
    P
    		tgt on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31548
    P
    		Security update for sblim-sfcb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32302
    P
    		Security update for python (Important)
    2020-12-01
    oval:org.opensuse.security:def:26549
    P
    		ft2demos on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31915
    P
    		Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27368
    P
    		apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25643
    P
    		Security update for hunspell (Low)
    2020-12-01
    oval:org.opensuse.security:def:26407
    P
    		Security update for libmad (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31858
    P
    		Security update for cups (Important)
    2020-12-01
    oval:org.mitre.oval:def:18790
    V
    		Apache HTTP vulnerability from 2.2.x before 2.2.25 in VisualSVN Server (CVE-2013-1862)
    2015-05-04
    oval:org.mitre.oval:def:19534
    V
    		HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Service (DoS)
    2015-04-20
    oval:org.mitre.oval:def:26836
    P
    		SUSE-SU-2014:1082-1 -- Security update for apache2
    2014-11-10
    oval:org.mitre.oval:def:25300
    P
    		SUSE-SU-2013:1824-1 -- Security update for Apache2
    2014-09-08
    oval:org.mitre.oval:def:25551
    P
    		SUSE-SU-2013:1381-1 -- Security update for Apache2
    2014-09-08
    oval:org.mitre.oval:def:18274
    P
    		USN-1903-1 -- apache2 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:24116
    P
    		ELSA-2013:0815: httpd security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:21067
    P
    		RHSA-2013:0815: httpd security update (Moderate)
    2014-02-17
    oval:com.ubuntu.precise:def:20131862000
    V
    		CVE-2013-1862 on Ubuntu 12.04 LTS (precise) - low.
    2013-06-10
    oval:com.redhat.rhsa:def:20130815
    P
    		RHSA-2013:0815: httpd security update (Moderate)
    2013-05-13
    BACK
    apache http server *
    apache http server *
    redhat jboss enterprise application platform 6.0.0
    redhat jboss enterprise application platform 6.4.0
    redhat enterprise linux 6.0
    redhat enterprise linux 5.0
    oracle http server 12.1.3.0
    oracle http server 12.1.2.0
    oracle http server 11.1.1.7.0
    oracle http server 10.1.3.5.0
    redhat enterprise linux server 5.0
    redhat enterprise linux workstation 5.0
    redhat enterprise linux server aus 6.4
    redhat enterprise linux desktop 6.0
    redhat enterprise linux server 6.0
    redhat enterprise linux workstation 6.0
    redhat enterprise linux desktop 5.0
    redhat enterprise linux server aus 5.9
    redhat enterprise linux eus 5.9
    redhat enterprise linux eus 6.4
    canonical ubuntu linux 13.04
    canonical ubuntu linux 12.10
    canonical ubuntu linux 10.04
    canonical ubuntu linux 12.04
    opensuse opensuse 12.3
    opensuse opensuse 11.4
    opensuse opensuse 12.2
    apache http server 2.2.4
    apache http server 2.2.3
    apache http server 2.2.0
    apache http server 2.2.2
    apache http server 2.2.6
    apache http server 2.2
    apache http server 2.2.1
    apache http server 2.2.8
    apache http server 2.2.9
    apache http server 2.2.11
    apache http server 2.2.10
    apache http server 2.2.13
    apache http server 2.2.12
    apache http server 2.2.14
    apache http server 2.2.15
    apache http server 2.2.16
    apache http server 2.2.18
    apache http server 2.2.19
    apache http server 2.2.17
    apache http server 2.2.20
    apache http server 2.2.21
    apache http server 2.2.24
    apache http server 2.2.22
    apache http server 2.2.23
    ibm websphere application server 6.1
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 5
    ibm websphere application server 7.0
    redhat enterprise linux 6
    redhat enterprise linux 6
    ibm websphere application server 8.0
    redhat enterprise linux desktop 6
    redhat enterprise linux hpc node 6
    ibm websphere application server 8.5
    cisco unified computing system (managed) 2.2(5b)a
    apple mac os x 10.8.5
    apple mac os x 10.9
    fujitsu interstage application server 10.0.0
    apple mac os x 10.9.1
    apple mac os x 10.7.5
    apple mac os x server 10.7.5
    emc rsa validation manager 3.2