Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2001-1556 | First vendor Publication | 2001-12-31 |
| Vendor | Cve | Last vendor Modification | 2020-10-14 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1556 |
CAPEC : Common Attack Pattern Enumeration & Classification
| Id | Name |
|---|---|
| CAPEC-41 | Using Meta-characters in E-mail Headers to Inject Malicious Payloads |
| CAPEC-81 | Web Logs Tampering |
| CAPEC-93 | Log Injection-Tampering-Forging |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-532 | Information Leak Through Log Files |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 20285 | Apache HTTP Server Log File Control Character Injection |
Sources (Detail)
| Source | Url |
|---|---|
| BUGTRAQ | http://archives.neohapsis.com/archives/bugtraq/2001-10/0231.html |
| CONFIRM | http://httpd.apache.org/docs/logs.html |
| XF | http://www.iss.net/security_center/static/7363.php |
Alert History
| Date | Informations |
|---|---|
| 2023-08-12 12:02:12 |
|
| 2023-08-12 01:01:11 |
|
| 2023-08-11 12:01:54 |
|
| 2023-08-11 01:01:12 |
|
| 2023-08-06 12:01:45 |
|
| 2023-08-06 01:01:12 |
|
| 2023-08-04 12:01:49 |
|
| 2023-08-04 01:01:11 |
|
| 2023-07-14 12:01:47 |
|
| 2023-07-14 01:01:12 |
|
| 2023-03-29 01:01:46 |
|
| 2023-03-28 12:01:17 |
|
| 2021-06-25 01:01:14 |
|
| 2021-05-04 12:01:50 |
|
| 2021-04-22 01:01:58 |
|
| 2020-10-14 21:22:52 |
|
| 2020-05-23 00:14:52 |
|
| 2013-05-11 12:07:44 |
|
