Description
Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.
Remediation
References
Related Vulnerabilities
LiteSpeed Web Server Out-of-bounds Read Vulnerability (CVE-2004-0112)
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15730)
WordPress Plugin SP Project & Document Manager Arbitrary File Upload (4.22)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall SQL Injection (3.8.7)