Description

mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.

Remediation

References

CVE-2013-1862

Related Vulnerabilities

Squid NULL Pointer Dereference Vulnerability (CVE-2018-1000027)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2146)

WordPress Plugin Revive Old Post-Auto Post to Social Media 'cat' Parameter SQL Injection (3.2.5)

WordPress Plugin Twitter LiveBlog Cross-Site Request Forgery (1.1.2)

PHP Other Vulnerability (CVE-2007-1399)

Severity

Medium

Classification

CVE-2013-1862

Tags

Missing Update Known Vulnerabilities