Details of VAR-200402-0070

ID

VAR-200402-0070

CVE

CVE-2004-1082

TITLE

Apache mod_digest Customer supply Nonce Confirmation vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200402-019

DESCRIPTION

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. Patches have been released for the Apache mod_digest module to include digest replay protection. The module reportedly did not adequately verify client-supplied nonces against the server issued nonce. This could permit a remote attacker to replay the response of another website or section of the same website under some circumstances. It should be noted that this issue does not exist in mod_auth_digest module. Apache is a popular WEB server program. A remote attacker could exploit this vulnerability to forge responses from other sites. This vulnerability only occurs when the username and password of the user on the fake station and the server are the same, and the actual name is also the same, but this situation is relatively rare

Trust: 1.26

sources: NVD: CVE-2004-1082 // BID: 9571 // VULHUB: VHN-9512

AFFECTED PRODUCTS

vendor:	sun	model:	solaris	scope:	eq	version:	9.0	Trust: 1.6
vendor:	sun	model:	solaris	scope:	eq	version:	8.0	Trust: 1.6
vendor:	openbsd	model:	openbsd	scope:	eq	version:	3.5	Trust: 1.3
vendor:	openbsd	model:	openbsd	scope:	eq	version:	3.4	Trust: 1.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.19	Trust: 1.3
vendor:	avaya	model:	communication manager	scope:	eq	version:	2.0.1	Trust: 1.3
vendor:	avaya	model:	communication manager	scope:	eq	version:	2.0	Trust: 1.3
vendor:	avaya	model:	communication manager	scope:	eq	version:	1.3.1	Trust: 1.3
vendor:	avaya	model:	communication manager	scope:	eq	version:	1.1	Trust: 1.3
vendor:	sco	model:	openserver	scope:	eq	version:	5.0.7	Trust: 1.0
vendor:	avaya	model:	intuity audix lx	scope:	eq	version:	*	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.29	Trust: 1.0
vendor:	avaya	model:	modular messaging message storage server	scope:	eq	version:	1.1	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.11	Trust: 1.0
vendor:	hp	model:	virtualvault	scope:	eq	version:	4.5	Trust: 1.0
vendor:	hp	model:	webproxy	scope:	eq	version:	a.02.10	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.7	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.18	Trust: 1.0
vendor:	hp	model:	virtualvault	scope:	eq	version:	4.7	Trust: 1.0
vendor:	avaya	model:	network routing	scope:	eq	version:	*	Trust: 1.0
vendor:	avaya	model:	mn100	scope:	eq	version:	*	Trust: 1.0
vendor:	avaya	model:	modular messaging message storage server	scope:	eq	version:	2.0	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.20	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.6	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.22	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.9	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3	Trust: 1.0
vendor:	sco	model:	openserver	scope:	eq	version:	5.0.6	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.26	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.27	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.23	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.24	Trust: 1.0
vendor:	hp	model:	webproxy	scope:	eq	version:	a.02.00	Trust: 1.0
vendor:	sun	model:	sunos	scope:	eq	version:	5.8	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.19	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.14	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.3	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.28	Trust: 1.0
vendor:	hp	model:	virtualvault	scope:	eq	version:	4.6	Trust: 1.0
vendor:	apple	model:	apache mod digest apple	scope:	eq	version:	*	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.17	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.12	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.25	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.4	Trust: 1.0
vendor:	apache	model:	http server	scope:	eq	version:	1.3.1	Trust: 1.0
vendor:	openbsd	model:	openbsd	scope:	eq	version:	current	Trust: 1.0
vendor:	sun	model:	solaris 9 x86	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	solaris	scope:	eq	version:	9	Trust: 0.3
vendor:	sun	model:	solaris 8 x86	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	solaris 8 sparc	scope:	-	version:	-	Trust: 0.3
vendor:	sco	model:	open server	scope:	eq	version:	5.0.7	Trust: 0.3
vendor:	sco	model:	open server	scope:	eq	version:	5.0.6	Trust: 0.3
vendor:	redhat	model:	stronghold	scope:	eq	version:	4.0	Trust: 0.3
vendor:	openbsd	model:	-current	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	webproxy a.02.10	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	webproxy a.02.00	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	virtualvault a.04.70	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	virtualvault a.04.60	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	virtualvault a.04.50	scope:	-	version:	-	Trust: 0.3
vendor:	avaya	model:	network routing	scope:	-	version:	-	Trust: 0.3
vendor:	avaya	model:	modular messaging	scope:	eq	version:	2.0	Trust: 0.3
vendor:	avaya	model:	modular messaging	scope:	eq	version:	1.1	Trust: 0.3
vendor:	avaya	model:	mn100	scope:	-	version:	-	Trust: 0.3
vendor:	avaya	model:	intuity lx	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	mod digest apple	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.29	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.28	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.27	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.26	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.25	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.24	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.23	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.22	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.20	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.19	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.18	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.17	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.14	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.12	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.11	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.9	Trust: 0.3
vendor:	apache	model:	-dev	scope:	eq	version:	1.3.7	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.6	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.4	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.3	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3.1	Trust: 0.3
vendor:	apache	model:	apache	scope:	eq	version:	1.3	Trust: 0.3
vendor:	posadis	model:	posadis	scope:	ne	version:	1.3.31	Trust: 0.3
vendor:	apache	model:	apache	scope:	ne	version:	1.3.31	Trust: 0.3

sources: BID: 9571 // CNNVD: CNNVD-200402-019 // NVD: CVE-2004-1082

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-1082
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200402-019
value:	HIGH
Trust: 0.6
VULHUB:	VHN-9512
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2004-1082
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-9512
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-9512 // CNNVD: CNNVD-200402-019 // NVD: CVE-2004-1082

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1082

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200402-019

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-200402-019

EXTERNAL IDS

db:	BID	id:	9571	Trust: 2.0
db:	NVD	id:	CVE-2004-1082	Trust: 2.0
db:	SECTRACK	id:	1012414	Trust: 1.7
db:	XF	id:	18347	Trust: 0.6
db:	APPLE	id:	APPLE-SA-2004-12-02	Trust: 0.6
db:	CIAC	id:	P-049	Trust: 0.6
db:	CNNVD	id:	CNNVD-200402-019	Trust: 0.6
db:	VULHUB	id:	VHN-9512	Trust: 0.1

sources: VULHUB: VHN-9512 // BID: 9571 // CNNVD: CNNVD-200402-019 // NVD: CVE-2004-1082

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2004/dec/msg00000.html	Trust: 1.7
url:	http://www.securityfocus.com/bid/9571	Trust: 1.7
url:	http://www.ciac.org/ciac/bulletins/p-049.shtml	Trust: 1.7
url:	http://www.securitytracker.com/alerts/2004/dec/1012414.html	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/18347	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/18347	Trust: 0.6
url:	http://www.mail-archive.com/dev@httpd.apache.org/msg19005.html	Trust: 0.3
url:	http://httpd.apache.org/	Trust: 0.3
url:	http://support.avaya.com/elmodocs2/security/asa-2005-010_rhsa-2004-600.pdf	Trust: 0.3
url:	http://www.openbsd.org/errata.html	Trust: 0.3
url:	http://rhn.redhat.com/errata/rhsa-2004-600.html	Trust: 0.3
url:	http://rhn.redhat.com/errata/rhsa-2005-816.html	Trust: 0.3
url:	http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57628	Trust: 0.3

sources: VULHUB: VHN-9512 // BID: 9571 // CNNVD: CNNVD-200402-019 // NVD: CVE-2004-1082

CREDITS

Dirk-Willem van Gulik OpenPKG※ openpkg@openpkg.org

Trust: 0.6

sources: CNNVD: CNNVD-200402-019

SOURCES

db:	VULHUB	id:	VHN-9512
db:	BID	id:	9571
db:	CNNVD	id:	CNNVD-200402-019
db:	NVD	id:	CVE-2004-1082

LAST UPDATE DATE

2024-08-14T12:08:30.776000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-9512	date:	2018-10-30T00:00:00
db:	BID	id:	9571	date:	2009-07-12T02:06:00
db:	CNNVD	id:	CNNVD-200402-019	date:	2006-08-31T00:00:00
db:	NVD	id:	CVE-2004-1082	date:	2018-10-30T16:25:37.090

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-9512	date:	2004-02-03T00:00:00
db:	BID	id:	9571	date:	2004-02-03T00:00:00
db:	CNNVD	id:	CNNVD-200402-019	date:	2003-07-18T00:00:00
db:	NVD	id:	CVE-2004-1082	date:	2004-02-03T05:00:00