CVE-2001-1556

The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2001-10/0231.html	Broken Link
http://httpd.apache.org/docs/logs.html	Vendor Advisory
http://www.iss.net/security_center/static/7363.php	Broken Link
http://archives.neohapsis.com/archives/bugtraq/2001-10/0231.html	Broken Link
http://httpd.apache.org/docs/logs.html	Vendor Advisory
http://www.iss.net/security_center/static/7363.php	Broken Link

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:http_server::::::::
	cpe:2.3:a:apache:http_server::::::::

History

20 Nov 2024, 23:37

Type	Values Removed	Values Added
References	~~() http://archives.neohapsis.com/archives/bugtraq/2001-10/0231.html - Broken Link~~	() http://archives.neohapsis.com/archives/bugtraq/2001-10/0231.html - Broken Link
References	~~() http://httpd.apache.org/docs/logs.html - Vendor Advisory~~	() http://httpd.apache.org/docs/logs.html - Vendor Advisory
References	~~() http://www.iss.net/security_center/static/7363.php - Broken Link~~	() http://www.iss.net/security_center/static/7363.php - Broken Link

Information

Published : 2001-12-31 05:00

Updated : 2024-11-20 23:37

NVD link : CVE-2001-1556

Mitre link : CVE-2001-1556

CVE.ORG link : CVE-2001-1556

JSON object : View

Products Affected

apache

http_server

CWE

CWE-532

Insertion of Sensitive Information into Log File

{"id": "CVE-2001-1556", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2001-12-31T05:00:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0231.html", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://httpd.apache.org/docs/logs.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.iss.net/security_center/static/7363.php", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0231.html", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://httpd.apache.org/docs/logs.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.iss.net/security_center/static/7363.php", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep."}], "lastModified": "2024-11-20T23:37:58.117", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44B59C66-C5B3-4682-BB43-A390B4093828", "versionEndExcluding": "1.3.31", "versionStartIncluding": "1.3.0"}, {"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28A956D5-032E-4DBE-8201-B60B44BDCF01", "versionEndExcluding": "2.0.49", "versionStartIncluding": "2.0.0"}], "operator": "OR"}]}], "vendorComments": [{"comment": "This is a duplicate CVE name and is a combination of CVE-2003-0020 and CVE-2003-0083.", "lastModified": "2006-08-30T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "cve@mitre.org"}