Description

Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.

Remediation

References

CVE-2002-2103

Related Vulnerabilities

WordPress Plugin Software License Manager Cross-Site Request Forgery (4.4.5)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20520)

WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress Unspecified Vulnerability (1.5.3)

Rukovoditel Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11821)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-2998)

Severity

Medium

Classification

CVE-2002-2103

Tags

Missing Update Known Vulnerabilities