The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
Conclusion & alert: CVE-2003-1581 is rated Exploit Available (57/100): CVSS Low severity, with medium exploitation likelihood (EPSS 3.08%). Core evidence: 1 public exploit reference(s) are indexed (Exploit-DB). EPSS rose +1.49% over the last day, indicating growing attacker interest. Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 1.59% | 3.08% | +1.49% |
| 2 | 2026-06-11 | 1.98% | 1.59% | -0.38% |
| 3 | 2025-12-28 | — | 1.98% | — |
Full EPSS history (18 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 2.6 | 2.0 | LOW |
|
4.9 | 2.9 | [email protected] |
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
unimportant | CVE-2003-1581 unimportant priority: Debian including 1 source packages (apache2), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): open 5. | https://security-tracker.debian.org/tracker/CVE-2003-1581 |
redhat
|
low | — | https://access.redhat.com/security/cve/CVE-2003-1581 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| apache | http_server | 2.0.44 | cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/313867 | Exploit |