apache and CAN-2003-0020

To: debian-security@lists.debian.org
Subject: apache and CAN-2003-0020
From: Geoff Crompton <geoff.crompton@strategicdata.com.au>
Date: Wed, 23 Mar 2005 15:44:51 +1100
Message-id: <[🔎] 4240F443.1010308@strategicdata.com.au>

CAN-2003-0020 is a vulnerability in apache that mentions how apacheallows escape sequences into the error logs, which might exploit aterminal program viewing them.More detail is at http://www.securityfocus.com/bid/9930. Thesecurityfocus page lists Debian as being vulnerable, and I can't find aDSA that corresponds to CAN-2003-0020.


Does anyone know if Debian is vulnerable or fixed?
--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000

Reply to:

Follow-Ups:
- Re: apache and CAN-2003-0020
  - From: Christophe Chisogne <christophe@publicityweb.com>
- Re: apache and CAN-2003-0020
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Re: xpdf vulnerability?
Next by Date: apache and CAN-2004-0174
Previous by thread: Re: Procmail recipe for Nitwit unsubscribers who can't read DU sigs.
Next by thread: Re: apache and CAN-2003-0020
Index(es):
- Date
- Thread