Description

The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.

Remediation

References

CVE-2001-1556

Related Vulnerabilities

PHP Other Vulnerability (CVE-2005-3054)

Joomla! Core Security Bypass (1.5.0 - 3.8.12)

WordPress Denial of Service Vulnerability (3.5 - 3.6.1)

WordPress Plugin WP Quick FrontEnd Editor Multiple Vulnerabilities (5.5)

WordPress Plugin user files Arbitrary File Upload (2.4.2)

Severity

Medium

Classification

CVE-2001-1556 CWE-532

Tags

Missing Update Known Vulnerabilities