← Back

CVE-2003-1579

nvd nist
Published: Feb 5, 2010Modified: Apr 29, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

Sun ONE (aka iPlanet) Web Server 6 on Windows, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.

Affected (1)

Products: Sun: One Web Server
Sun
1 product
One Web Server
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
One Web Server
Version 6.0
Running on/withPlatform Versions
Microsoft
Windows
All versions

Related CWEs

CWE-189
CWE-189

References (2)

Source: cve@mitre.org
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit

Timeline

No history available yet.