Apache mod_digest Client-Supplied Nonce Verification Vulnerability

Bugtraq ID: 9571
Class: Access Validation Error
CVE: CVE-2003-0987
CVE-2004-1082
Remote: Yes
Local: No
Published: Feb 03 2004 12:00AM
Updated: Jul 12 2009 02:06AM
Credit: Discovery is credited to Dirk-Willem van Gulik.
Vulnerable: Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8_sparc
SCO Open Server 5.0.7
SCO Open Server 5.0.6
Redhat Stronghold 4.0
OpenBSD OpenBSD 3.5
OpenBSD OpenBSD 3.4
OpenBSD OpenBSD -current
IBM HTTP Server 1.3.19
HP Webproxy A.02.10
HP Webproxy A.02.00
HP VirtualVault A.04.70
HP VirtualVault A.04.60
HP VirtualVault A.04.50
Avaya Network Routing
Avaya Modular Messaging (MSS) 2.0
Avaya Modular Messaging (MSS) 1.1
Avaya MN100
Avaya Intuity LX
Avaya Communication Manager 2.0.1
Avaya Communication Manager 2.0
Avaya Communication Manager 1.3.1
Avaya Communication Manager 1.1
Apple mod_digest_apple
Apache Apache 1.3.29
Apache Apache 1.3.28
Apache Apache 1.3.27
Apache Apache 1.3.26
Apache Apache 1.3.25
Apache Apache 1.3.24
Apache Apache 1.3.23
Apache Apache 1.3.22
Apache Apache 1.3.20
Apache Apache 1.3.19
Apache Apache 1.3.18
Apache Apache 1.3.17
Apache Apache 1.3.14
Apache Apache 1.3.12
Apache Apache 1.3.11
Apache Apache 1.3.9
Apache Apache 1.3.7 -dev
Apache Apache 1.3.6
Apache Apache 1.3.4
Apache Apache 1.3.3
Apache Apache 1.3.1
Apache Apache 1.3
Not Vulnerable: Posadis Posadis 1.3.31
Apache Apache 1.3.31


 

Privacy Statement
Copyright 2010, SecurityFocus