CVE Vulnerabilities

CVE-2004-1082

Published: Feb 03, 2004 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

Affected Software

Name Vendor Start Version End Version
Http_server Apache 1.3 1.3
Http_server Apache 1.3.1 1.3.1
Http_server Apache 1.3.3 1.3.3
Http_server Apache 1.3.4 1.3.4
Http_server Apache 1.3.6 1.3.6
Http_server Apache 1.3.7 1.3.7
Http_server Apache 1.3.9 1.3.9
Http_server Apache 1.3.11 1.3.11
Http_server Apache 1.3.12 1.3.12
Http_server Apache 1.3.14 1.3.14
Http_server Apache 1.3.17 1.3.17
Http_server Apache 1.3.18 1.3.18
Http_server Apache 1.3.19 1.3.19
Http_server Apache 1.3.20 1.3.20
Http_server Apache 1.3.22 1.3.22
Http_server Apache 1.3.23 1.3.23
Http_server Apache 1.3.24 1.3.24
Http_server Apache 1.3.25 1.3.25
Http_server Apache 1.3.26 1.3.26
Http_server Apache 1.3.27 1.3.27
Http_server Apache 1.3.28 1.3.28
Http_server Apache 1.3.29 1.3.29
Apache_mod_digest_apple Apple * *
Communication_manager Avaya 1.1 1.1
Communication_manager Avaya 1.3.1 1.3.1
Communication_manager Avaya 2.0 2.0
Communication_manager Avaya 2.0.1 2.0.1
Intuity_audix_lx Avaya * *
Virtualvault Hp 4.5 4.5
Virtualvault Hp 4.6 4.6
Virtualvault Hp 4.7 4.7
Webproxy Hp a.02.00 a.02.00
Webproxy Hp a.02.10 a.02.10
Http_server Ibm 1.3.19 1.3.19

References