CVE-2003-1582

Name of the Vulnerable Software and Affected Versions Microsoft Internet Information Services (IIS) version 6.0

Description The issue allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response. This can be used to inject XSS sequences, and is related to an "Inverse Lookup Log Corruption (ILLC)" issue.

Recommendations For Microsoft Internet Information Services (IIS) version 6.0, consider disabling DNS resolution for client IP addresses to prevent arbitrary text injection into log files until a patch is available.