Unrated severityNVD Advisory· Published Feb 3, 2004· Updated Apr 16, 2026
CVE-2004-1082
CVE-2004-1082
Description
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
Affected products
47cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*+ 21 more
- cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.7:*:dev:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*
- cpe:2.3:a:apple:apache_mod_digest_apple:*:*:*:*:*:*:*:*
cpe:2.3:a:avaya:communication_manager:1.1:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:avaya:communication_manager:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:communication_manager:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:communication_manager:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:communication_manager:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:intuity_audix_lx:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:network_routing:*:*:*:*:*:*:*:*
cpe:2.3:a:hp:virtualvault:4.5:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:hp:virtualvault:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:hp:virtualvault:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:hp:virtualvault:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:http_server:1.3.19:*:*:*:*:*:*:*
cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*
- cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*
cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*+ 2 more
- cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- lists.apple.com/archives/security-announce/2004/Dec/msg00000.htmlnvdPatchVendor Advisory
- www.ciac.org/ciac/bulletins/p-049.shtmlnvdPatchVendor Advisory
- www.securityfocus.com/bid/9571nvdPatchVendor Advisory
- www.securitytracker.com/alerts/2004/Dec/1012414.htmlnvdPatchVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/18347nvd
News mentions
0No linked articles in our index yet.