CVE-2003-1584

Cross-site scripting XSS vulnerability in SurfStats allows remote attackers to inject arbitrary web script or HTML via a crafted client domain name, related to an "Inverse Lookup Log Corruption ILLC" issue...

CVE-2003-1585

Cross-site scripting XSS vulnerability in WebLogExpert allows remote attackers to inject arbitrary web script or HTML via a crafted client domain name, related to an "Inverse Lookup Log Corruption ILLC" issue...

CVE-2003-1582

Microsoft Internet Information Services IIS 6.0, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inver...

CVE-2003-1579

Sun ONE aka iPlanet Web Server 6 on Windows, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing...

CVE-2003-1578

Sun ONE aka iPlanet Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to hide HTTP requests from the log-preview functionality by accompanying the requests with crafted DNS responses specifying a domain name beginning...

CVE-2003-1583

The CVE-2003-1583 entry concerns a Cross‑site Scripting (XSS) vulnerability in WebTrends, enabling remote attackers to inject arbitrary web script or HTML through a crafted client domain name and related to an Inverse Lookup Log Corruption (ILLC) issue. Affected software is WebTrends (Web analyti...

CVE-2003-1579

CVE-2003-1579 affects Sun ONE (iPlanet) Web Server 6 on Windows. When DNS resolution is enabled for client IPs, the logging format does not clearly indicate if a dotted quad is unresolved, enabling remote attackers to spoof IPs via crafted DNS responses containing numerical top-level domains (ILL...

CVE-2003-1585

CVE-2003-1585 describes a cross-site scripting (XSS) vulnerability in WebLogExpert. The issue allows remote attackers to inject arbitrary script or HTML by supplying a crafted client domain name, tied to an "Inverse Lookup Log Corruption (ILLC)" condition. The available sources identify the vulne...

CVE-2003-1584

CVE-2003-1584 describes a cross-site scripting (XSS) vulnerability in SurfStats. The issue allows remote attackers to inject arbitrary web script or HTML by supplying a crafted client domain name, and is related to an “Inverse Lookup Log Corruption (ILLC)” issue. The NVD entry lists a base score ...

CVE-2003-1581

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log...

CVE-2003-1580

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-lev...

CVE-2003-1580

The CVE-2003-1580 issue affects Apache HTTP Server 2.0.44 when DNS resolution is enabled for client IPs. The vulnerability arises from a logging format that does not indicate whether a dotted-quad IP address is unresolved, which can allow remote attackers to spoof IP addresses by sending crafted ...

CVE-2003-1578

The CVE-2003-1578 entry concerns Sun ONE (iPlanet) Web Server 4.1–SP12 and 6.0–SP5 when DNS resolution is enabled for client IPs. The underlying issue, described as an Inverse Lookup Log Corruption (ILLC) vulnerability, allows remote attackers to hide HTTP requests from the log-preview functional...

CVE-2003-1583

Cross-site scripting XSS vulnerability in WebTrends allows remote attackers to inject arbitrary web script or HTML via a crafted client domain name, related to an "Inverse Lookup Log Corruption ILLC" issue...