The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-02-05T22:13:00Z

Updated: 2024-09-16T17:19:15.536Z

Reserved: 2010-02-05T00:00:00Z

Link: CVE-2003-1581

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2010-02-05T22:30:02.063

Modified: 2024-11-20T23:47:30.010

Link: CVE-2003-1581

cve-icon Redhat

Severity : Low

Publid Date: 2003-03-04T00:00:00Z

Links: CVE-2003-1581 - Bugzilla