CVE-2003-0987Apache Http Server vulnerability

6 documents5 sources
Severity
7.5HIGHNVD
EPSS
19.6%
top 4.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Http Server
Timeline
PublishedMar 3
Latest updateApr 29

Description

mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDapache/http_server1.3.30

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-39fp-mw43-8h5q: mod_digest for Apache before 12022-04-29
CVEList
CVE-2003-0987: mod_digest for Apache before 12004-02-03

📋Vendor Advisories

1
Red Hat
httpd mod_digest nonce not verified2003-12-18

💬Community

2
Bugzilla
CVE-2003-0987 httpd mod_digest nonce not verified2008-01-28
Bugzilla
CVE-2003-0542 multiple flaws in Apache (CVE-2003-0542, CVE-2003-0987, CVE-2004-0940)2005-10-25
CVE-2003-0987 — Apache Http Server vulnerability | cvebase