← Back

CVE-2003-1578

nvd nist
Published: Feb 5, 2010Modified: Apr 29, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to hide HTTP requests from the log-preview functionality by accompanying the requests with crafted DNS responses specifying a domain name beginning with a "format=" substring, related to an "Inverse Lookup Log Corruption (ILLC)" issue.

Affected (19)

Products: Sun: One Web Server
Sun
1 product
One Web Server
Configuration A
13 vulnerable
Vulnerable SoftwareAffected Versions
Sun
One Web Server
Up to 4.1
One Web Server
Version 4.1
One Web Server
Version 4.1 sp10
One Web Server
Version 4.1 sp11
One Web Server
Version 4.1 sp1
One Web Server
Version 4.1 sp2
One Web Server
Version 4.1 sp3
One Web Server
Version 4.1 sp4
One Web Server
Version 4.1 sp5
One Web Server
Version 4.1 sp6
One Web Server
Version 4.1 sp7
One Web Server
Version 4.1 sp8
One Web Server
Version 4.1 sp9
Configuration B
6 vulnerable
Vulnerable SoftwareAffected Versions
Sun
One Web Server
Up to 6.0
One Web Server
Version 6.0
One Web Server
Version 6.0 sp1
One Web Server
Version 6.0 sp2
One Web Server
Version 6.0 sp3
One Web Server
Version 6.0 sp4

References (8)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.