Back to search
CVE-2001-1556
Published: Jul 14, 2005
Modified: Sep 16, 2024
PUBLISHED
Description
The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
apache-hidden-http-request(7363)
vdb-entry
x_refsource_XF
http://httpd.apache.org/docs/logs.html
x_refsource_CONFIRM
20011024 Hidden requests to Apache
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now