On Tue, Feb 03, 2004 at 10:37:33PM +0100, J.H.M. Dassen (Ray) wrote:
Package: apache
Version: 1.3.29.0.1-5
Severity: grave
Tags: security patch
Candidate: CAN-2003-0987
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987
Phase: Assigned (20031216)
Category: SF
Reference:
On Tue, Feb 03, 2004 at 14:05:25 -0800, Matt Zimmerman wrote:
mod_digest for Apache does not properly verify the nonce of a client
response by using a AuthNonce secret.
Can anyone explain the true impact of this bug?
I'm not sure, but this is my best guess/interpretation from googling
2 matches
Mail list logo