Lucene search

[email protected]NVD:CVE-2003-1578

HistoryFeb 05, 2010 - 10:30 p.m.

CVE-2003-1578

2010-02-0522:30:01

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.003

Percentile

71.7%

JSON

Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to hide HTTP requests from the log-preview functionality by accompanying the requests with crafted DNS responses specifying a domain name beginning with a “format=” substring, related to an “Inverse Lookup Log Corruption (ILLC)” issue.

Affected configurations

Nvd

Node

sunone_web_serverRange≤4.1sp12

sunone_web_serverMatch4.1

sunone_web_serverMatch4.1sp1

sunone_web_serverMatch4.1sp10

sunone_web_serverMatch4.1sp11

sunone_web_serverMatch4.1sp2

sunone_web_serverMatch4.1sp3

sunone_web_serverMatch4.1sp4

sunone_web_serverMatch4.1sp5

sunone_web_serverMatch4.1sp6

sunone_web_serverMatch4.1sp7

sunone_web_serverMatch4.1sp8

sunone_web_serverMatch4.1sp9

Node

sunone_web_serverRange≤6.0sp5

sunone_web_serverMatch6.0

sunone_web_serverMatch6.0sp1

sunone_web_serverMatch6.0sp2

sunone_web_serverMatch6.0sp3

sunone_web_serverMatch6.0sp4

VendorProductVersionCPE
sunone_web_server*cpe:2.3:a:sun:one_web_server:*:sp12:*:*:*:*:*:*
sunone_web_server4.1cpe:2.3:a:sun:one_web_server:4.1:*:*:*:*:*:*:*
sunone_web_server4.1cpe:2.3:a:sun:one_web_server:4.1:sp1:*:*:*:*:*:*
sunone_web_server4.1cpe:2.3:a:sun:one_web_server:4.1:sp10:*:*:*:*:*:*
sunone_web_server4.1cpe:2.3:a:sun:one_web_server:4.1:sp11:*:*:*:*:*:*
sunone_web_server4.1cpe:2.3:a:sun:one_web_server:4.1:sp2:*:*:*:*:*:*
sunone_web_server4.1cpe:2.3:a:sun:one_web_server:4.1:sp3:*:*:*:*:*:*
sunone_web_server4.1cpe:2.3:a:sun:one_web_server:4.1:sp4:*:*:*:*:*:*
sunone_web_server4.1cpe:2.3:a:sun:one_web_server:4.1:sp5:*:*:*:*:*:*
sunone_web_server4.1cpe:2.3:a:sun:one_web_server:4.1:sp6:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	one_web_server	*	cpe:2.3:a:sun:one_web_server::sp12::::::*
sun	one_web_server	4.1	cpe:2.3:a:sun:one_web_server:4.1:::::::*
sun	one_web_server	4.1	cpe:2.3:a:sun:one_web_server:4.1:sp1::::::
sun	one_web_server	4.1	cpe:2.3:a:sun:one_web_server:4.1:sp10::::::
sun	one_web_server	4.1	cpe:2.3:a:sun:one_web_server:4.1:sp11::::::
sun	one_web_server	4.1	cpe:2.3:a:sun:one_web_server:4.1:sp2::::::
sun	one_web_server	4.1	cpe:2.3:a:sun:one_web_server:4.1:sp3::::::
sun	one_web_server	4.1	cpe:2.3:a:sun:one_web_server:4.1:sp4::::::
sun	one_web_server	4.1	cpe:2.3:a:sun:one_web_server:4.1:sp5::::::
sun	one_web_server	4.1	cpe:2.3:a:sun:one_web_server:4.1:sp6::::::

Rows per page:

1-10 of 191

References

sunsolve.sun.com/search/document.do?assetkey=1-66-201453-1

www.securityfocus.com/archive/1/313867

www.securityfocus.com/bid/7012

exchange.xforce.ibmcloud.com/vulnerabilities/56633

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.003

Percentile

71.7%

JSON

Related for NVD:CVE-2003-1578

cvelist1 cve1