MGASA-2013-0174

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2013-0174.html

Import Source

https://advisories.mageia.org/MGASA-2013-0174.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2013-0174

Related

CVE-2013-1862

Published

2013-06-19T10:11:42Z

Modified

2013-06-19T10:11:38Z

Summary

Updated apache packages fix security vulnerabilities

Details

It was found that modrewrite did not filter terminal escape sequences from its log file. If modrewrite was configured with the RewriteLog directive, a remote attacker could use specially-crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user (CVE-2013-1862).

A buffer overflow when reading digest password file with very long lines in htdigest (PR54893)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:2 / apache

Package

Name: apache
Purl: pkg:rpm/mageia/apache?distro=mageia-2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.24-1.1.mga2

Ecosystem specific

{
    "section": "core"
}