Apache – CVE-2003-0987

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to mod_digest nonce checking. Professionally named CVE-2003-0987.

The mod_digest being used does not properly verify the nonce of a client’s response by using a AuthNonce secret.
This could allow malicious users who are able to “sniff” network traffic to conduct a replay attack against your website by using Digest protection.
Remote attackers could abuse this Information Disclosure to obtain potentially sensitive information, assisting them in initiating attacks.

This will cause a decrease in performance and also for interruptions in the availability of resources.
Also, there’s a chance that this vulnerability will allow attackers to modify system files and information.

Recommendation

To deal with CVE-2003-0987, upgrade the version of Apache HTTP Server being used to 1.3.31 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0987

< Return to all Vulnerabilities

Active Directory Hacking

What does Active Directory mean? The Active Directory infrastructure is a critical infrastructure in most organizations, and it forms the backbone of the organization’s computing

Read More »

Using VPN

What is a VPN? Why should someone be using VPN? Which Problems does is solve? and what is the advantages and disadvantages of it? Let’s

Read More »