mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote malicious users to replay credentials.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apache http server 1.3.12 |
||
apache http server 1.3.14 |
||
apache http server 1.3.24 |
||
apache http server 1.3.25 |
||
apache http server 1.3.6 |
||
apache http server 1.3.7 |
||
apache http server 1.3.9 |
||
hp virtualvault 4.5 |
||
hp virtualvault 4.6 |
||
apache http server 1.3 |
||
apache http server 1.3.19 |
||
apache http server 1.3.20 |
||
apache http server 1.3.28 |
||
apache http server 1.3.29 |
||
avaya communication manager 1.3.1 |
||
avaya communication manager 2.0 |
||
hp webproxy a.02.10 |
||
ibm http server 1.3.19 |
||
apache http server 1.3.17 |
||
apache http server 1.3.18 |
||
apache http server 1.3.26 |
||
apache http server 1.3.27 |
||
apple apache mod digest apple |
||
avaya communication manager 1.1 |
||
hp virtualvault 4.7 |
||
hp webproxy a.02.00 |
||
apache http server 1.3.1 |
||
apache http server 1.3.11 |
||
apache http server 1.3.22 |
||
apache http server 1.3.23 |
||
apache http server 1.3.3 |
||
apache http server 1.3.4 |
||
avaya communication manager 2.0.1 |
||
avaya intuity audix lx |
||
avaya network routing |
||
avaya modular messaging message storage server 1.1 |
||
sun sunos 5.8 |
||
sun solaris 8.0 |
||
sun solaris 9.0 |
||
openbsd openbsd 3.5 |
||
openbsd openbsd current |
||
avaya modular messaging message storage server 2.0 |
||
openbsd openbsd 3.4 |
||
avaya mn100 |
||
sco openserver 5.0.6 |
||
sco openserver 5.0.7 |
Vulmon