WEB APPLICATION VULNERABILITIES Standard & Premium

Apache HTTP Server Insertion of Sensitive Information into Log File Vulnerability (CVE-2001-1556)

Description

The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.

Remediation

References

Related Vulnerabilities

Oracle Database Server Other Vulnerability (CVE-2002-1767)

Drupal Core 5.x Multiple Cross-Site Request Forgery Vulnerabilities (5.0 - 5.1)

MySQL CVE-2015-0507 Vulnerability (CVE-2015-0507)

WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.3.3)

WordPress Plugin Scoutnet Kalender Cross-Site Scripting (1.1.0)

Severity

Medium

Classification

CVE-2001-1556 CWE-532

Tags

Missing Update Known Vulnerabilities