Vulnerability Details : CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
Products affected by CVE-2003-0020
- cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
Threat overview for CVE-2003-0020
Top countries where our scanners detected CVE-2003-0020
Top open port discovered on systems with this issue
80
IPs affected by CVE-2003-0020 138,972
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2003-0020!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2003-0020
1.13%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2003-0020
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
Vendor statements for CVE-2003-0020
-
Apache 2008-07-02Fixed in Apache HTTP Server 2.0.49 and 1.3.31 http://httpd.apache.org/security/vulnerabilities_20.html http://httpd.apache.org/security/vulnerabilities_13.html
References for CVE-2003-0020
-
http://marc.info/?l=bugtraq&m=108437852004207&w=2
'[OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache)' - MARCThird Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2003-243.html
SupportThird Party Advisory
-
http://marc.info/?l=bugtraq&m=108369640424244&w=2
'[product-security@apple.com: APPLE-SA-2004-05-03 Security Update 2004-05-03]' - MARCThird Party Advisory
-
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ - Pony Mail
-
http://www.trustix.org/errata/2004/0017
Trustix | Empowering Trust and Security in the Digital AgeBroken Link
-
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html s
-
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
-
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_2
-
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643
The Slackware Linux Project: Slackware Security AdvisoriesMailing List;Third Party Advisory
-
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:050
Broken Link
-
http://marc.info/?l=bugtraq&m=108731648532365&w=2
'[security bulletin] SSRT4717 rev.0 HP Tru64 UNIX SSL/TLS Potential Remote Denial of Service (DoS)' - MARCThird Party Advisory
-
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046
MandrivaThird Party Advisory
-
https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571@%3Ccvs.httpd.apache.org%3E
-
https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01@%3Ccvs.httpd.apache.org%3E
-
http://www.securityfocus.com/bid/9930
Third Party Advisory;VDB Entry
-
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ - Pony Mail
-
http://security.gentoo.org/glsa/glsa-200405-22.xml
Apache 1.3: Multiple vulnerabilities (GLSA 200405-22) — Gentoo securityThird Party Advisory
-
http://www.iss.net/security_center/static/11412.php
Broken Link
-
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_Mailing List;Vendor Advisory
-
http://www.redhat.com/support/errata/RHSA-2003-139.html
SupportThird Party Advisory
-
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
Pony Mail!
-
https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce@%3Ccvs.httpd.apache.org%3E
-
http://www.redhat.com/support/errata/RHSA-2003-083.html
SupportThird Party Advisory
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
Broken Link
-
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_Mailing List;Vendor Advisory
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
Broken Link
-
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html s
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4114
404 Not FoundThird Party Advisory
-
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_Mailing List;Vendor Advisory
-
http://www.redhat.com/support/errata/RHSA-2003-244.html
SupportThird Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2003-104.html
SupportThird Party Advisory
-
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_Mailing List;Vendor Advisory
-
http://marc.info/?l=bugtraq&m=104612710031920&w=2
'Terminal Emulator Security Issues' - MARCThird Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2003-082.html
SupportThird Party Advisory
-
http://www.trustix.org/errata/2004/0027
Trustix | Empowering Trust and Security in the Digital AgeBroken Link
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A150
404 Not FoundThird Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100109
404 Not FoundThird Party Advisory
-
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html
Broken Link
Jump to