Description

This alert was generated using only banner information. It may be a false positive.

This version of Apache is vulnerable to escape character sequences injection into error log.This problem may be exploited when a vulnerable terminal emulator is used.

Affected Apache versions (up to 2.0.48 for Apache 2.x and up to 1.3.29 for Apache 1.x).

Remediation

Upgrade to the latest version of Apache.

References

BID 9930

Apache homepage

Related Vulnerabilities

WordPress Plugin Username Changer Multiple Vulnerabilities (1.4)

WordPress Plugin Manage and respond to conversations with leads-HappyForms PHP Object Injection (1.0.0)

WordPress Plugin Campaign URL Builder Cross-Site Request Forgery (1.5.0)

WordPress Plugin All 404 Redirect to Homepage Cross-Site Scripting (1.21)

WordPress Plugin On Page SEO + Social Live Chat (Formerly OPS) Cross-Site Scripting (1.0.1)

Severity

Medium

Classification

CVE-2003-0020 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

Tags

Missing Update