Description

This alert was generated using only banner information. It may be a false positive.

This version of Apache is vulnerable to escape character sequences injection into error log.This problem may be exploited when a vulnerable terminal emulator is used.

Affected Apache versions (up to 2.0.48 for Apache 2.x and up to 1.3.29 for Apache 1.x).

Remediation

Upgrade to the latest version of Apache.

References

BID 9930

Apache homepage

Related Vulnerabilities

WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.8)

WordPress Plugin My Calendar Multiple Cross-Site Scripting Vulnerabilities (2.3.9)

WordPress Plugin Jigoshop Multiple Unspecified Vulnerabilities (1.17.13)

WordPress MU 'wp-includes/wpmu-functions.php' Cross-Site Scripting Vulnerability (1.0 - 2.6)

WordPress Plugin Mobiloud-Native Mobile Apps for your WordPress site (iPhone, iPad, Android) Multiple Cross-Site Scripting Vulnerabilities (2.3.7)

Severity

Medium

Classification

CVE-2003-0020 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update