CVE-2002-2103
Apache HTTP Server - Hostname Spoofing via Reverse DNS Lookup
Title source: llmDescription
Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.
References (3)
Core 3
Core References
Patch vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8629.php
Various Sources x_refsource_confirm
http://www.apache.org/dist/httpd/CHANGES_1.3
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4358
Scores
EPSS
0.0606
EPSS Percentile
92.6%
Details
Status
published
Products (13)
apache/http_server
1.3.9
apache/http_server
1.3.11
apache/http_server
1.3.12
apache/http_server
1.3.13
apache/http_server
1.3.14
apache/http_server
1.3.15
apache/http_server
1.3.16
apache/http_server
1.3.17
apache/http_server
1.3.18
apache/http_server
1.3.19
... and 3 more
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026