Log Preview Functionality Flaw in Sun ONE Web Server by Sun Microsystems
CVE-2003-1578
Currently unrated
Summary
A vulnerability in Sun ONE Web Server allows remote attackers to manipulate log-preview functionalities by delivering specially crafted DNS responses that include a domain name starting with 'format='. This issue, related to Inverse Lookup Log Corruption, can lead to obscured HTTP requests, enabling attackers to evade detection in web server logs when DNS resolution for client IP addresses is enabled.
References
Timeline
Vulnerability published
Vulnerability Reserved