Description
Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.
Remediation
References
Related Vulnerabilities
WordPress Plugin PWA for WP & AMP Security Bypass (1.7.32)
ReviveAdserver Incorrect Authorization Vulnerability (CVE-2020-8142)
WordPress Plugin InLinks SQL Injection (1.0)
TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2017-6370)
Python Improper Input Validation Vulnerability (CVE-2018-20852)