Common Vulnerabilities and Exposures assigned an identifier CVE-2003-0987 to the following vulnerability: mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret. References: http://www.mail-archive.com/dev@httpd.apache.org/msg19007.html http://www.mail-archive.com/dev@httpd.apache.org/msg19014.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:046 http://www.redhat.com/support/errata/RHSA-2004-600.html http://www.redhat.com/support/errata/RHSA-2005-816.html http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1 http://www.trustix.org/errata/2004/0027 http://marc.theaimsgroup.com/?l=bugtraq&m=108437852004207&w=2 http://security.gentoo.org/glsa/glsa-200405-22.xml http://www.securityfocus.com/bid/9571 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4416 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:100108 http://securitytracker.com/id?1008920 http://xforce.iss.net/xforce/xfdb/15041
The mod_digest module does not properly verify the nonce of a client response by using a AuthNonce secret. This could allow a malicious user who is able to sniff network traffic to conduct a replay attack against a website using Digest protection. Note that mod_digest implements an older version of the MD5 Digest Authentication specification, which is known not to work with modern browsers. This issue does not affect mod_auth_digest. (CAN-2003-0987).
This was addressed via: Red Hat Enterprise Linux version 2.1 (RHSA-2004:600/0 Red Hat Stronghold 4 (RHSA-2004:653) Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1) (RHSA-2005:816)