CVE-2004-1834 | Vulnerability Database | Aqua Security

mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information.

Affected Software

Name	Vendor	Start Version	End Version
Http_server	Apache	2.0.42	2.0.42
Http_server	Apache	2.0.47	2.0.47
Http_server	Apache	2.0.35	2.0.35
Http_server	Apache	2.0.37	2.0.37
Http_server	Apache	2.0.44	2.0.44
Http_server	Apache	2.0.39	2.0.39
Http_server	Apache	2.0.28	2.0.28
Http_server	Apache	2.0.41	2.0.41
Http_server	Apache	2.0.49	2.0.49
Http_server	Apache	2.0.9	2.0.9
Http_server	Apache	2.0.32	2.0.32
Http_server	Apache	2.0.38	2.0.38
Http_server	Apache	2.0.48	2.0.48
Http_server	Apache	2.0.45	2.0.45
Http_server	Apache	2.0.40	2.0.40
Http_server	Apache	2.0.36	2.0.36
Http_server	Apache	2.0.46	2.0.46
Http_server	Apache	2.0.43	2.0.43
Http_server	Apache	2.0.28	2.0.28
Http_server	Apache	2.0	2.0

References

http://www.securityfocus.com/bid/9933
http://www.osvdb.org/4446
http://securitytracker.com/id?1009509
http://secunia.com/advisories/11176
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
http://secunia.com/advisories/19072
http://www.redhat.com/support/errata/RHSA-2004-562.html
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
http://www.vupen.com/english/advisories/2006/0789
http://marc.info/?l=bugtraq\u0026m=107981737322495\u0026w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/15547
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11133
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-1834
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html