MGASA-2013-0174
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 19 Jun 2013, 10:11
Last modified:16 Apr 2026, 04:25
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
19 Jun 2013, 10:11
Published
Vulnerability first disclosed
16 Apr 2026, 04:25
Last Modified
Vulnerability information updated
Description
Updated apache packages fix security vulnerabilities It was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially-crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user (CVE-2013-1862). A buffer overflow when reading digest password file with very long lines in htdigest (PR54893)
Affected Systems
- mageia•apache
< 2.2.24-1.1.mga2