CVE-2004-1082

Severity Score

7.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

*Credits: N/A

CVSS Scores

NISTv2 7.5

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2004-02-03 CVE Published
2004-11-30 CVE Reserved
2023-03-08 EPSS Updated
2024-08-08 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://exchange.xforce.ibmcloud.com/vulnerabilities/18347	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html	2018-10-30
http://www.ciac.org/ciac/bulletins/p-049.shtml	2018-10-30
http://www.securityfocus.com/bid/9571	2018-10-30
http://www.securitytracker.com/alerts/2004/Dec/1012414.html	2018-10-30

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3 Search vendor "Apache" for product "Http Server" and version "1.3"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.1 Search vendor "Apache" for product "Http Server" and version "1.3.1"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.3 Search vendor "Apache" for product "Http Server" and version "1.3.3"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.4 Search vendor "Apache" for product "Http Server" and version "1.3.4"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.6 Search vendor "Apache" for product "Http Server" and version "1.3.6"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.7 Search vendor "Apache" for product "Http Server" and version "1.3.7"		dev		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.9 Search vendor "Apache" for product "Http Server" and version "1.3.9"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.11 Search vendor "Apache" for product "Http Server" and version "1.3.11"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.12 Search vendor "Apache" for product "Http Server" and version "1.3.12"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.14 Search vendor "Apache" for product "Http Server" and version "1.3.14"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.17 Search vendor "Apache" for product "Http Server" and version "1.3.17"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.18 Search vendor "Apache" for product "Http Server" and version "1.3.18"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.19 Search vendor "Apache" for product "Http Server" and version "1.3.19"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.20 Search vendor "Apache" for product "Http Server" and version "1.3.20"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.22 Search vendor "Apache" for product "Http Server" and version "1.3.22"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.23 Search vendor "Apache" for product "Http Server" and version "1.3.23"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.24 Search vendor "Apache" for product "Http Server" and version "1.3.24"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.25 Search vendor "Apache" for product "Http Server" and version "1.3.25"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.26 Search vendor "Apache" for product "Http Server" and version "1.3.26"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.27 Search vendor "Apache" for product "Http Server" and version "1.3.27"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.28 Search vendor "Apache" for product "Http Server" and version "1.3.28"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				1.3.29 Search vendor "Apache" for product "Http Server" and version "1.3.29"		-		Affected
Apple Search vendor "Apple"		Apache Mod Digest Apple Search vendor "Apple" for product "Apache Mod Digest Apple"				*		-		Affected
Avaya Search vendor "Avaya"		Communication Manager Search vendor "Avaya" for product "Communication Manager"				1.1 Search vendor "Avaya" for product "Communication Manager" and version "1.1"		-		Affected
Avaya Search vendor "Avaya"		Communication Manager Search vendor "Avaya" for product "Communication Manager"				1.3.1 Search vendor "Avaya" for product "Communication Manager" and version "1.3.1"		-		Affected
Avaya Search vendor "Avaya"		Communication Manager Search vendor "Avaya" for product "Communication Manager"				2.0 Search vendor "Avaya" for product "Communication Manager" and version "2.0"		-		Affected
Avaya Search vendor "Avaya"		Communication Manager Search vendor "Avaya" for product "Communication Manager"				2.0.1 Search vendor "Avaya" for product "Communication Manager" and version "2.0.1"		-		Affected
Avaya Search vendor "Avaya"		Intuity Audix Lx Search vendor "Avaya" for product "Intuity Audix Lx"				*		-		Affected
Hp Search vendor "Hp"		Virtualvault Search vendor "Hp" for product "Virtualvault"				4.5 Search vendor "Hp" for product "Virtualvault" and version "4.5"		-		Affected
Hp Search vendor "Hp"		Virtualvault Search vendor "Hp" for product "Virtualvault"				4.6 Search vendor "Hp" for product "Virtualvault" and version "4.6"		-		Affected
Hp Search vendor "Hp"		Virtualvault Search vendor "Hp" for product "Virtualvault"				4.7 Search vendor "Hp" for product "Virtualvault" and version "4.7"		-		Affected
Hp Search vendor "Hp"		Webproxy Search vendor "Hp" for product "Webproxy"				a.02.00 Search vendor "Hp" for product "Webproxy" and version "a.02.00"		-		Affected
Hp Search vendor "Hp"		Webproxy Search vendor "Hp" for product "Webproxy"				a.02.10 Search vendor "Hp" for product "Webproxy" and version "a.02.10"		-		Affected
Ibm Search vendor "Ibm"		Http Server Search vendor "Ibm" for product "Http Server"				1.3.19 Search vendor "Ibm" for product "Http Server" and version "1.3.19"		-		Affected
Avaya Search vendor "Avaya"		Mn100 Search vendor "Avaya" for product "Mn100"				*		-		Affected
Avaya Search vendor "Avaya"		Network Routing Search vendor "Avaya" for product "Network Routing"				*		-		Affected
Avaya Search vendor "Avaya"		Modular Messaging Message Storage Server Search vendor "Avaya" for product "Modular Messaging Message Storage Server"				1.1 Search vendor "Avaya" for product "Modular Messaging Message Storage Server" and version "1.1"		-		Affected
Avaya Search vendor "Avaya"		Modular Messaging Message Storage Server Search vendor "Avaya" for product "Modular Messaging Message Storage Server"				2.0 Search vendor "Avaya" for product "Modular Messaging Message Storage Server" and version "2.0"		-		Affected
Openbsd Search vendor "Openbsd"		Openbsd Search vendor "Openbsd" for product "Openbsd"				3.4 Search vendor "Openbsd" for product "Openbsd" and version "3.4"		-		Affected
Openbsd Search vendor "Openbsd"		Openbsd Search vendor "Openbsd" for product "Openbsd"				3.5 Search vendor "Openbsd" for product "Openbsd" and version "3.5"		-		Affected
Openbsd Search vendor "Openbsd"		Openbsd Search vendor "Openbsd" for product "Openbsd"				current Search vendor "Openbsd" for product "Openbsd" and version "current"		-		Affected
Sco Search vendor "Sco"		Openserver Search vendor "Sco" for product "Openserver"				5.0.6 Search vendor "Sco" for product "Openserver" and version "5.0.6"		-		Affected
Sco Search vendor "Sco"		Openserver Search vendor "Sco" for product "Openserver"				5.0.7 Search vendor "Sco" for product "Openserver" and version "5.0.7"		-		Affected
Sun Search vendor "Sun"		Solaris Search vendor "Sun" for product "Solaris"				8.0 Search vendor "Sun" for product "Solaris" and version "8.0"		x86		Affected
Sun Search vendor "Sun"		Solaris Search vendor "Sun" for product "Solaris"				9.0 Search vendor "Sun" for product "Solaris" and version "9.0"		sparc		Affected
Sun Search vendor "Sun"		Solaris Search vendor "Sun" for product "Solaris"				9.0 Search vendor "Sun" for product "Solaris" and version "9.0"		x86		Affected
Sun Search vendor "Sun"		Sunos Search vendor "Sun" for product "Sunos"				5.8 Search vendor "Sun" for product "Sunos" and version "5.8"		-		Affected