Back to search
CVE-2013-1862
Published: Jun 10, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=953729
x_refsource_CONFIRM
oval:org.mitre.oval:def:18790
vdb-entry
signature
x_refsource_OVAL
MDVSA-2013:174
vendor-advisory
x_refsource_MANDRIVA
http://www-01.ibm.com/support/docview.wss?uid=swg21644047
x_refsource_CONFIRM
SSRT101288
vendor-advisory
x_refsource_HP
RHSA-2013:1209
vendor-advisory
x_refsource_REDHAT
http://svn.apache.org/viewvc?view=revision&revision=r1469311
x_refsource_CONFIRM
http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch
x_refsource_CONFIRM
openSUSE-SU-2013:1340
vendor-advisory
x_refsource_SUSE
RHSA-2013:0815
vendor-advisory
x_refsource_REDHAT
http://support.apple.com/kb/HT6150
x_refsource_CONFIRM
USN-1903-1
vendor-advisory
x_refsource_UBUNTU
HPSBUX02927
vendor-advisory
x_refsource_HP
RHSA-2013:1207
vendor-advisory
x_refsource_REDHAT
59826
vdb-entry
x_refsource_BID
RHSA-2013:1208
vendor-advisory
x_refsource_REDHAT
oval:org.mitre.oval:def:19534
vdb-entry
signature
x_refsource_OVAL
20130822 Apache HTTP Server mod_rewrite Log File Manipulation Vulnerability
vendor-advisory
x_refsource_CISCO
openSUSE-SU-2013:1341
vendor-advisory
x_refsource_SUSE
64758
vdb-entry
x_refsource_BID
55032
third-party-advisory
x_refsource_SECUNIA
openSUSE-SU-2013:1337
vendor-advisory
x_refsource_SUSE
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
x_refsource_CONFIRM
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now