Vulnerability Details : CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
Threat overview for CVE-2003-0020
Top countries where our scanners detected CVE-2003-0020
Top open port discovered on systems with this issue
80
IPs affected by CVE-2003-0020 138,972
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2003-0020!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2003-0020
Probability of exploitation activity in the next 30 days: 1.02%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 82 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2003-0020
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
Vendor statements for CVE-2003-0020
-
Apache 2008-07-02Fixed in Apache HTTP Server 2.0.49 and 1.3.31 http://httpd.apache.org/security/vulnerabilities_20.html http://httpd.apache.org/security/vulnerabilities_13.html
-
http://marc.info/?l=bugtraq&m=108437852004207&w=2
'[OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache)' - MARCThird Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2003-243.html
Third Party Advisory
-
http://marc.info/?l=bugtraq&m=108369640424244&w=2
'[product-security@apple.com: APPLE-SA-2004-05-03 Security Update 2004-05-03]' - MARCThird Party Advisory
-
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ - Pony Mail
-
http://www.trustix.org/errata/2004/0017
Broken Link
-
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html s
- https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
-
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_2
-
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643
The Slackware Linux Project: Slackware Security AdvisoriesMailing List;Third Party Advisory
-
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:050
Broken Link
-
http://marc.info/?l=bugtraq&m=108731648532365&w=2
'[security bulletin] SSRT4717 rev.0 HP Tru64 UNIX SSL/TLS Potential Remote Denial of Service (DoS)' - MARCThird Party Advisory
-
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046
Third Party Advisory
- https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01@%3Ccvs.httpd.apache.org%3E
-
http://www.securityfocus.com/bid/9930
Third Party Advisory;VDB Entry
-
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ - Pony Mail
-
http://security.gentoo.org/glsa/glsa-200405-22.xml
Apache 1.3: Multiple vulnerabilities (GLSA 200405-22) — Gentoo securityThird Party Advisory
-
http://www.iss.net/security_center/static/11412.php
Broken Link
-
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_Mailing List;Vendor Advisory
-
http://www.redhat.com/support/errata/RHSA-2003-139.html
Third Party Advisory
-
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
Pony Mail!
- https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce@%3Ccvs.httpd.apache.org%3E
-
http://www.redhat.com/support/errata/RHSA-2003-083.html
Third Party Advisory
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
Broken Link
-
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_Mailing List;Vendor Advisory
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
Broken Link
-
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html s
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4114
Third Party Advisory
-
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_Mailing List;Vendor Advisory
-
http://www.redhat.com/support/errata/RHSA-2003-244.html
Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2003-104.html
Third Party Advisory
-
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_Mailing List;Vendor Advisory
-
http://marc.info/?l=bugtraq&m=104612710031920&w=2
Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2003-082.html
Third Party Advisory
-
http://www.trustix.org/errata/2004/0027
Trustix | Empowering Trust and Security in the Digital AgeBroken Link
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A150
Third Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100109
Third Party Advisory
-
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html
Broken Link
- cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*