CVE-2018-1312

Published: 26/03/2018 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 608
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent replay attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.

Vulnerable Product

apache http server 2.4.1

apache http server 2.4.20

apache http server 2.4.6

apache http server 2.4.12

apache http server 2.4.3

apache http server 2.4.23

apache http server 2.4.4

apache http server 2.4.10

apache http server 2.4.7

apache http server 2.4.25

apache http server 2.4.26

apache http server 2.4.18

apache http server 2.4.2

apache http server 2.4.17

apache http server 2.4.16

apache http server 2.4.9

apache http server 2.4.27

apache http server 2.4.29

apache http server 2.4.28

canonical ubuntu linux 17.10

canonical ubuntu linux 18.04

canonical ubuntu linux 14.04

canonical ubuntu linux 16.04

canonical ubuntu linux 12.04

debian debian linux 8.0

debian debian linux 7.0

debian debian linux 9.0

netapp cloud backup -

netapp storagegrid -

netapp clustered data ontap -

redhat jboss_core_services 1.0

redhat enterprise linux desktop 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux server 7.0

redhat enterprise linux server tus 7.6

redhat enterprise linux server aus 7.6

redhat enterprise linux eus 7.6

Vendor Advisories

Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for JBoss Core Services on RHEL 6 and RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common ...
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP1 security update. Type/Severity: Security Advisory: Important. Topic: Red Hat JBoss Core Services Pack Apache Server 2.4.29 Service Pack 1 packages for Microsoft Windows and Oracle Solaris are now available. Red Hat Product Security has ...
Synopsis: Low: httpd security update. Type/Severity: Security Advisory: Low. Topic: An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile ...
Synopsis: Moderate: httpd24 security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of ...
Several vulnerabilities have been found in the Apache HTTPD server. CVE-2017-15710: Alex Nichols and Jakob Hirsch reported that mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, could cause an out of bound write if supplied with a crafted Accept-Language header. This could potentially be used for a Denial of Service attack ...
Several security issues were fixed in the Apache HTTP Server ...
Several security issues were fixed in Apache ...
Use-after-free on HTTP/2 stream shutdown: When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team ...
In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent replay attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection ...
In Apache httpd 2.2.0 before 2.4.30, when generating an HTTP Digest authentication challenge, the nonce sent to prevent replay attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection ...
Tenable.sc leverages third-party software to help provide underlying functionality. Three separate third-party components (OpenSSL, Apache HTTP Server, SimpleSAMLphp) were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bun ...

Github Repositories

Assessment, Analysis, and Hardening of a Vulnerable System

Red Team vs Blue Team Analysis. Assessment, Analysis, and Hardening of a Vulnerable System. Network Topology. Red Team Penetration Test. Network scan to discover target IP: netdiscover -r 192.168.1.0/24. Machine / IP: Hyper-V 192.168.1.1; Kali Linux (Attacker) 192.168.1.90; Capstone (Target) 192.168.1.105; ELK Server 192.168.1.100. Scanning for open ports: nmap 192.168.1.105

This project was designed to learn the Red and Blue Team sides of cybersecurity. While I did write a report on this project, the main focus was on the act of penetrating and detecting an attack.

Red-Team-vs-Blue-Team. NETWORK TOPOLOGY: Red Team Environment, Blue Team Environment. RED TEAM - Penetration Test. EXPLOITATION. Discover target IP: To discover the target IP: netdiscover -r <ip subnet>. IP / Machine: 192.168.1.1 Gateway IP, Hyper-V; 192.168.1.100 ELK server; 192.168.1.105 Capstone, target machine. S

Red Team vs. Blue Team scenario in which I played the role of both pentester and SOC analyst.

Red-vs-Blue-Project. NETWORK TOPOLOGY. RED TEAM - Penetration Test. NMAP scan: Port / State / Service: Port 22, Open, SSH; Port 80, Open, HTTP. Aggressive scan: An aggressive scan reveals a webserver directory structure on TCP port 80, which is an HTTP port, and two potential usernames of employees – ashton and hannah (which will be more relevant for bruteforcing later):

Red-Team-vs-Blue-Team. NETWORK TOPOLOGY: Red Team Environment, Blue Team Environment. RED TEAM - Penetration Test. EXPLOITATION. Discover target IP: To discover the target IP: netdiscover -r 192.168.1.0/24. IP / Machine: 192.168.1.1 Gateway IP, Hyper-V; 192.168.1.100 ELK server; 192.168.1.105 Capstone, target machine. Service and

Red-vs-Blue-team-project. Red Team Environment, Blue Team Environment. RED TEAM - Penetration Test. EXPLOITATION. Discover target IP: To discover the target IP: netdiscover -r. IP / Machine: 192.168.1.1 Gateway IP, Hyper-V; 192.168.1.100 ELK server; 192.168.1.105 Capstone, target machine. Service and version scan: nmap -sV -v 192.168.1.105. Port / Service / Version: Port 22, SSH, OpenSSH 7.6p

HTML5 Background Video. Want to play a video in the background of a container or body itself? This plugin will help you do exactly that. I'd suggest you to read this article too. Demo. Features. Resizing: The video element in use will automatically adapt to the container's dimensions. It will also resize as the browser window resizes. Overlay: Plugin doesn't supports

Red-Team-vs-Blue-Team-Project: a Red Team vs Blue Team scenario in which you will play the role of both pentester and SOC analyst. As the Red Team, you will attack a vulnerable VM within your environment, ultimately gaining root access to the machine. As Blue Team, you will use Kibana to review logs taken. You'll use the logs to extract hard data and visualizations for the

References

CWE-287
https://httpd.apache.org/security/vulnerabilities_24.html
http://www.openwall.com/lists/oss-security/2018/03/24/7
http://www.securitytracker.com/id/1040571
http://www.securityfocus.com/bid/103524
https://www.debian.org/security/2018/dsa-4164
https://usn.ubuntu.com/3627-1/
https://usn.ubuntu.com/3627-2/
https://lists.debian.org/debian-lts-announce/2018/05/msg00020.html
https://security.netapp.com/advisory/ntap-20180601-0004/
https://access.redhat.com/errata/RHSA-2018:3558
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us
https://access.redhat.com/errata/RHSA-2019:0367
https://access.redhat.com/errata/RHSA-2019:0366
https://usn.ubuntu.com/3937-2/
https://access.redhat.com/errata/RHSA-2019:1898
https://www.tenable.com/security/tns-2019-09
https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
https://nvd.nist.gov
https://www.debian.org/security/./dsa-4164