CVE-2002-2103

medium

Description

Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.

References

http://www.securityfocus.com/bid/4358

http://www.iss.net/security_center/static/8629.php

http://www.apache.org/dist/httpd/CHANGES_1.3

Details

Source: Mitre, NVD

Published: 2002-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

EPSS

EPSS: 0.02317