WEB APPLICATION VULNERABILITIES Standard & Premium

Apache HTTP Server Insertion of Sensitive Information into Log File Vulnerability (CVE-2001-1556)

Description

The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.

Remediation

References

Related Vulnerabilities

WordPress Plugin Stock Ticker Security Bypass (3.23.0)

WordPress Plugin Related Posts Lite Security Bypass (1.1)

WordPress Plugin Contact Form With Captcha Cross-Site Request Forgery (1.6.2)

MySQL CVE-2022-21368 Vulnerability (CVE-2022-21368)

WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress Remote Code Execution (1.3.4)

Severity

Medium

Classification

CVE-2001-1556 CWE-532

Tags

Missing Update Known Vulnerabilities