Vulnerabilities > CVE-2002-2103 - Unspecified vulnerability in Apache Http Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.
Vulnerable Configurations
Statements
contributor | Mark J Cox |
lastmodified | 2006-08-30 |
organization | Red Hat |
statement | Not vulnerable. This issue did not affect the versions of Apache HTTP server as shipped with Red Hat Enterprise Linux 2.1, 3, or 4. |