CVE Vulnerabilities

CVE-2004-1082

Published: Feb 03, 2004 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

Affected Software

Name Vendor Start Version End Version
Http_server Apache 1.3 (including) 1.3 (including)
Http_server Apache 1.3.1 (including) 1.3.1 (including)
Http_server Apache 1.3.3 (including) 1.3.3 (including)
Http_server Apache 1.3.4 (including) 1.3.4 (including)
Http_server Apache 1.3.6 (including) 1.3.6 (including)
Http_server Apache 1.3.7 (including) 1.3.7 (including)
Http_server Apache 1.3.9 (including) 1.3.9 (including)
Http_server Apache 1.3.11 (including) 1.3.11 (including)
Http_server Apache 1.3.12 (including) 1.3.12 (including)
Http_server Apache 1.3.14 (including) 1.3.14 (including)
Http_server Apache 1.3.17 (including) 1.3.17 (including)
Http_server Apache 1.3.18 (including) 1.3.18 (including)
Http_server Apache 1.3.19 (including) 1.3.19 (including)
Http_server Apache 1.3.20 (including) 1.3.20 (including)
Http_server Apache 1.3.22 (including) 1.3.22 (including)
Http_server Apache 1.3.23 (including) 1.3.23 (including)
Http_server Apache 1.3.24 (including) 1.3.24 (including)
Http_server Apache 1.3.25 (including) 1.3.25 (including)
Http_server Apache 1.3.26 (including) 1.3.26 (including)
Http_server Apache 1.3.27 (including) 1.3.27 (including)
Http_server Apache 1.3.28 (including) 1.3.28 (including)
Http_server Apache 1.3.29 (including) 1.3.29 (including)
Apache_mod_digest_apple Apple * *
Communication_manager Avaya 1.1 (including) 1.1 (including)
Communication_manager Avaya 1.3.1 (including) 1.3.1 (including)
Communication_manager Avaya 2.0 (including) 2.0 (including)
Communication_manager Avaya 2.0.1 (including) 2.0.1 (including)
Intuity_audix_lx Avaya * *
Virtualvault Hp 4.5 (including) 4.5 (including)
Virtualvault Hp 4.6 (including) 4.6 (including)
Virtualvault Hp 4.7 (including) 4.7 (including)
Webproxy Hp a.02.00 (including) a.02.00 (including)
Webproxy Hp a.02.10 (including) a.02.10 (including)
Http_server Ibm 1.3.19 (including) 1.3.19 (including)

References