Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2003-1581

Опубликовано: 05 фев. 2010
Источник: debian

Описание

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
apacheremovedpackage
apache2unfixedpackage

Примечания

  • not really an apache issue; if an apache log analyzer is known vulnerable,

  • then that itself should be fixed

Связанные уязвимости

redhat
больше 22 лет назад

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.

nvd
больше 15 лет назад

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.

github
больше 3 лет назад

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.