We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2003-1580



Assignermitre
Reserved2010-02-05
Published2010-02-05
Updated2024-09-17

Description

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.

References

http://www.securityfocus.com/archive/1/313867 (20030304 Log corruption on multiple webservers, log analyzers,...) mailing-list

cve.org CVE-2003-1580

nvd.nist.gov CVE-2003-1580

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2003-1580
Subscribe to our newsletter to learn more about our work.