Lucene search

[email protected]CVE-2004-1082

HistoryFeb 03, 2004 - 5:00 a.m.

CVE-2004-1082

2004-02-0305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

122

cve-2004-1082

mod_digest_apple

apache

mac os x server

credentials replay

nvd

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

65.4%

JSON

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

CPENameOperatorVersion
ibm:http_serveribm http servereq1.3.19
hp:virtualvaulthp virtualvaulteq4.5
avaya:communication_manageravaya communication managereq2.0.1
apache:http_serverapache http servereq1.3.23
apache:http_serverapache http servereq1.3.27
apache:http_serverapache http servereq1.3.1
apache:http_serverapache http servereq1.3.25
apache:http_serverapache http servereq1.3.28
apache:http_serverapache http servereq1.3.19
apache:http_serverapache http servereq1.3.24

CPE	Name	Operator	Version
ibm:http_server	ibm http server	eq	1.3.19
hp:virtualvault	hp virtualvault	eq	4.5
avaya:communication_manager	avaya communication manager	eq	2.0.1
apache:http_server	apache http server	eq	1.3.23
apache:http_server	apache http server	eq	1.3.27
apache:http_server	apache http server	eq	1.3.1
apache:http_server	apache http server	eq	1.3.25
apache:http_server	apache http server	eq	1.3.28
apache:http_server	apache http server	eq	1.3.19
apache:http_server	apache http server	eq	1.3.24

Rows per page:

1-10 of 461

References

lists.apple.com/archives/security-announce/2004/Dec/msg00000.html

www.ciac.org/ciac/bulletins/p-049.shtml

www.securityfocus.com/bid/9571

www.securitytracker.com/alerts/2004/Dec/1012414.html

exchange.xforce.ibmcloud.com/vulnerabilities/18347

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

65.4%

JSON

Related for CVE-2004-1082

nessus3