CVE-2003-1579
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Sun ONE (aka iPlanet) Web Server 6 on Windows, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
Sun ONE (conocido también como iPlanet) Web Server v6 en Windows, cuando la resolución DNS está activada para direcciones IP de clientes, usa un formato de registro que no identifica si un punto cuadrado representa una dirección IP no resuelta, lo que permite a atacantes remotos falsificar direcciones IP a través de respuestas DNS manipuladas que contiene dominios numéricos de alto nivel, como quedó demostrado por el nombre de dominio falsifcado 123.123.123.123, relacionado con el tema "Inverse Lookup Log Corruption (ILLC)".
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-02-05 CVE Reserved
- 2010-02-05 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-189: Numeric Errors
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
http://www.securityfocus.com/archive/1/313867 | 2024-09-16 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Sun Search vendor "Sun" | One Web Server Search vendor "Sun" for product "One Web Server" | 6.0 Search vendor "Sun" for product "One Web Server" and version "6.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|