CVE-2004-1082

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

Affected Software

Name	Vendor	Start Version	End Version
Http_server	Ibm	1.3.19	1.3.19
Virtualvault	Hp	4.5	4.5
Communication_manager	Avaya	2.0.1	2.0.1
Http_server	Apache	1.3.23	1.3.23
Http_server	Apache	1.3.27	1.3.27
Http_server	Apache	1.3.1	1.3.1
Http_server	Apache	1.3.25	1.3.25
Http_server	Apache	1.3.28	1.3.28
Http_server	Apache	1.3.19	1.3.19
Http_server	Apache	1.3.24	1.3.24
Http_server	Apache	1.3.20	1.3.20
Http_server	Apache	1.3.7	1.3.7
Http_server	Apache	1.3.6	1.3.6
Http_server	Apache	1.3.4	1.3.4
Intuity_audix_lx	Avaya	*	*
Http_server	Apache	1.3.18	1.3.18
Virtualvault	Hp	4.7	4.7
Http_server	Apache	1.3	1.3
Http_server	Apache	1.3.12	1.3.12
Virtualvault	Hp	4.6	4.6
Http_server	Apache	1.3.3	1.3.3
Http_server	Apache	1.3.17	1.3.17
Communication_manager	Avaya	2.0	2.0
Http_server	Apache	1.3.26	1.3.26
Http_server	Apache	1.3.9	1.3.9
Webproxy	Hp	a.02.00	a.02.00
Apache_mod_digest_apple	Apple	*	*
Http_server	Apache	1.3.14	1.3.14
Http_server	Apache	1.3.29	1.3.29
Webproxy	Hp	a.02.10	a.02.10
Http_server	Apache	1.3.22	1.3.22
Http_server	Apache	1.3.11	1.3.11
Communication_manager	Avaya	1.1	1.1
Communication_manager	Avaya	1.3.1	1.3.1

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-1082
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References