Apache – CVE-2003-0987

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to mod_digest nonce checking. Professionally named CVE-2003-0987.

The mod_digest being used does not properly verify the nonce of a client’s response by using a AuthNonce secret.
This could allow malicious users who are able to “sniff” network traffic to conduct a replay attack against your website by using Digest protection.
Remote attackers could abuse this Information Disclosure to obtain potentially sensitive information, assisting them in initiating attacks.

This will cause a decrease in performance and also for interruptions in the availability of resources.
Also, there’s a chance that this vulnerability will allow attackers to modify system files and information.

Recommendation

To deal with CVE-2003-0987, upgrade the version of Apache HTTP Server being used to 1.3.31 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0987

< Return to all Vulnerabilities

HAR Files

In this article, I’ll talk and explain about HAR Files, so if you don’t know what they are, or, what do we use them for,

Read More »

Using VPN

What is a VPN? Why should someone be using VPN? Which Problems does is solve? and what is the advantages and disadvantages of it? Let’s

Read More »