mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Http_server | Ibm | 1.3.19 | 1.3.19 |
Virtualvault | Hp | 4.5 | 4.5 |
Communication_manager | Avaya | 2.0.1 | 2.0.1 |
Http_server | Apache | 1.3.23 | 1.3.23 |
Http_server | Apache | 1.3.27 | 1.3.27 |
Http_server | Apache | 1.3.1 | 1.3.1 |
Http_server | Apache | 1.3.25 | 1.3.25 |
Http_server | Apache | 1.3.28 | 1.3.28 |
Http_server | Apache | 1.3.19 | 1.3.19 |
Http_server | Apache | 1.3.24 | 1.3.24 |
Http_server | Apache | 1.3.20 | 1.3.20 |
Http_server | Apache | 1.3.7 | 1.3.7 |
Http_server | Apache | 1.3.6 | 1.3.6 |
Http_server | Apache | 1.3.4 | 1.3.4 |
Intuity_audix_lx | Avaya | * | * |
Http_server | Apache | 1.3.18 | 1.3.18 |
Virtualvault | Hp | 4.7 | 4.7 |
Http_server | Apache | 1.3 | 1.3 |
Http_server | Apache | 1.3.12 | 1.3.12 |
Virtualvault | Hp | 4.6 | 4.6 |
Http_server | Apache | 1.3.3 | 1.3.3 |
Http_server | Apache | 1.3.17 | 1.3.17 |
Communication_manager | Avaya | 2.0 | 2.0 |
Http_server | Apache | 1.3.26 | 1.3.26 |
Http_server | Apache | 1.3.9 | 1.3.9 |
Webproxy | Hp | a.02.00 | a.02.00 |
Apache_mod_digest_apple | Apple | * | * |
Http_server | Apache | 1.3.14 | 1.3.14 |
Http_server | Apache | 1.3.29 | 1.3.29 |
Webproxy | Hp | a.02.10 | a.02.10 |
Http_server | Apache | 1.3.22 | 1.3.22 |
Http_server | Apache | 1.3.11 | 1.3.11 |
Communication_manager | Avaya | 1.1 | 1.1 |
Communication_manager | Avaya | 1.3.1 | 1.3.1 |