mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Http_server | Apache | 1.3 (including) | 1.3 (including) |
Http_server | Apache | 1.3.1 (including) | 1.3.1 (including) |
Http_server | Apache | 1.3.3 (including) | 1.3.3 (including) |
Http_server | Apache | 1.3.4 (including) | 1.3.4 (including) |
Http_server | Apache | 1.3.6 (including) | 1.3.6 (including) |
Http_server | Apache | 1.3.7 (including) | 1.3.7 (including) |
Http_server | Apache | 1.3.9 (including) | 1.3.9 (including) |
Http_server | Apache | 1.3.11 (including) | 1.3.11 (including) |
Http_server | Apache | 1.3.12 (including) | 1.3.12 (including) |
Http_server | Apache | 1.3.14 (including) | 1.3.14 (including) |
Http_server | Apache | 1.3.17 (including) | 1.3.17 (including) |
Http_server | Apache | 1.3.18 (including) | 1.3.18 (including) |
Http_server | Apache | 1.3.19 (including) | 1.3.19 (including) |
Http_server | Apache | 1.3.20 (including) | 1.3.20 (including) |
Http_server | Apache | 1.3.22 (including) | 1.3.22 (including) |
Http_server | Apache | 1.3.23 (including) | 1.3.23 (including) |
Http_server | Apache | 1.3.24 (including) | 1.3.24 (including) |
Http_server | Apache | 1.3.25 (including) | 1.3.25 (including) |
Http_server | Apache | 1.3.26 (including) | 1.3.26 (including) |
Http_server | Apache | 1.3.27 (including) | 1.3.27 (including) |
Http_server | Apache | 1.3.28 (including) | 1.3.28 (including) |
Http_server | Apache | 1.3.29 (including) | 1.3.29 (including) |
Apache_mod_digest_apple | Apple | * | * |
Communication_manager | Avaya | 1.1 (including) | 1.1 (including) |
Communication_manager | Avaya | 1.3.1 (including) | 1.3.1 (including) |
Communication_manager | Avaya | 2.0 (including) | 2.0 (including) |
Communication_manager | Avaya | 2.0.1 (including) | 2.0.1 (including) |
Intuity_audix_lx | Avaya | * | * |
Virtualvault | Hp | 4.5 (including) | 4.5 (including) |
Virtualvault | Hp | 4.6 (including) | 4.6 (including) |
Virtualvault | Hp | 4.7 (including) | 4.7 (including) |
Webproxy | Hp | a.02.00 (including) | a.02.00 (including) |
Webproxy | Hp | a.02.10 (including) | a.02.10 (including) |
Http_server | Ibm | 1.3.19 (including) | 1.3.19 (including) |