Log Preview Functionality Flaw in Sun ONE Web Server by Sun Microsystems
CVE-2003-1578

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
5 February 2010

Summary

A vulnerability in Sun ONE Web Server allows remote attackers to manipulate log-preview functionalities by delivering specially crafted DNS responses that include a domain name starting with 'format='. This issue, related to Inverse Lookup Log Corruption, can lead to obscured HTTP requests, enabling attackers to evade detection in web server logs when DNS resolution for client IP addresses is enabled.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.