Apache – CVE-2003-0987

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to mod_digest nonce checking. Professionally named CVE-2003-0987.

The mod_digest being used does not properly verify the nonce of a client’s response by using a AuthNonce secret.
This could allow malicious users who are able to “sniff” network traffic to conduct a replay attack against your website by using Digest protection.
Remote attackers could abuse this Information Disclosure to obtain potentially sensitive information, assisting them in initiating attacks.

This will cause a decrease in performance and also for interruptions in the availability of resources.
Also, there’s a chance that this vulnerability will allow attackers to modify system files and information.

Recommendation

To deal with CVE-2003-0987, upgrade the version of Apache HTTP Server being used to 1.3.31 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0987

< Return to all Vulnerabilities

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Read More »

Exposing the GIT

Let’s start with defining the meaning of GIT. GIT – is an open-source system which we use as a tool to store data and information

Read More »