CVE-2003-1580 Information

Description

The Apache HTTP Server 2.0.44 when DNS resolution is enabled for client IP addresses uses a logging format that does not identify whether a dotted quad represents an unresolved IP address which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains as demonstrated by a forged 123.123.123.123 domain name related to an \Inverse Lookup Log Corruption (ILLC)\ issue.

Reference

http://www.securityfocus.com/archive/1/313867