CVE-2003-1579

Sun ONE (aka iPlanet) Web Server 6 on Windows, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:sun:one_web_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Information

Published : 2010-02-05 14:30

Updated : 2010-02-08 06:55


NVD link : CVE-2003-1579

Mitre link : CVE-2003-1579


JSON object : View

CWE
CWE-189

Numeric Errors

Advertisement

dedicated server usa

Products Affected

sun

  • one_web_server

microsoft

  • windows