Category:   Application (Web Server/CGI)  >   Apache HTTPD
Vendors:   Apache Software Foundation
Apache HTTPD mod_auth_digest Weak Nonce Generation Lets Remote Users Bypass Replay Protection in Certain Cases
SecurityTracker Alert ID:  1040571
SecurityTracker URL:
CVE Reference:   CVE-2018-1312   (Links to External Site)
Date:  Mar 26 2018
Impact:   Modification of system information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 2.2.0 to 2.4.29
Description:   A vulnerability was reported in Apache HTTPD mod_auth_digest. A remote user can bypass security controls on the target system.

The system does not properly generate an HTTP Digest authentication nonce. On systems that have a cluster of servers that use a common Digest authentication configuration, a remote user may be able to replay HTTP requests across the cluster without detection by the target server(s).
Nicolas Daniels reported this vulnerability.

Impact:   A remote user may be able to bypass replay protection on the target system in certain cases.
Solution:   The vendor has issued a fix (2.4.30).

The vendor advisory is available at:

Vendor URL: (Links to External Site)
Cause:   Randomization error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.

 Source Message Contents

Subject:  CVE-2018-1312: Weak Digest auth nonce generation in mod_auth_digest

CVE-2018-1312: Weak Digest auth nonce generation in mod_auth_digest

Severity: Low

Vendor: The Apache Software Foundation

Versions Affected:
httpd 2.2.0 to 2.4.29

When generating an HTTP Digest authentication challenge, the nonce
sent to prevent replay attacks was not correctly generated using a
pseudo-random seed.  In a cluster of servers using a common Digest
authentication configuration, HTTP requests could be replayed across
servers by an attacker without detection.
All httpd users should upgrade to 2.4.30 or later.

The issue was discovered by Nicolas Daniels.
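To make the replay-protection point in the advisory concrete, here is an added example (not Apache's code, and not part of the original alert) that models a Digest nonce issuer on the RFC 7616 recipe, nonce = base64(timestamp ":" H(timestamp ":" client ":" private-key)), and shows why the private key behind the nonce must come from an unpredictable source on each node: with every node deriving its key from the same predictable seed, a nonce minted by one server validates on another, so the replay is not detected; with keys drawn from the OS CSPRNG per node, it is rejected. Class names, the seed string and the client address are constructed for the illustration.

```python
import base64
import hashlib
import hmac
import os
import time
from typing import Optional

# Toy model of the RFC 7616 suggested nonce construction (constructed example):
#   nonce = base64( ts ":" HMAC(private_key, ts ":" client) )
class DigestNonceIssuer:
    """One server node that issues and validates Digest nonces."""

    def __init__(self, private_key: bytes, max_age: float = 300.0):
        self.private_key = private_key  # must be unpredictable on every node
        self.max_age = max_age          # seconds before a nonce goes stale

    def _mac(self, ts: str, client: str) -> str:
        return hmac.new(self.private_key, f"{ts}:{client}".encode(),
                        hashlib.sha256).hexdigest()

    def issue(self, client: str, now: Optional[float] = None) -> str:
        ts = str(int(time.time() if now is None else now))
        return base64.b64encode(f"{ts}:{self._mac(ts, client)}".encode()).decode()

    def validate(self, nonce: str, client: str, now: Optional[float] = None) -> bool:
        try:
            ts, mac = base64.b64decode(nonce).decode().split(":", 1)
        except (ValueError, UnicodeDecodeError):
            return False                      # malformed nonce
        current = time.time() if now is None else now
        if not ts.isdigit() or current - int(ts) > self.max_age:
            return False                      # stale nonce (replay window closed)
        # Constant-time comparison against a nonce recomputed with *this* node's key.
        return hmac.compare_digest(mac, self._mac(ts, client))


def cross_node_replay_accepted(key_a: bytes, key_b: bytes) -> bool:
    """Does a nonce issued by node A pass validation on node B? (fixed clock)"""
    node_a, node_b = DigestNonceIssuer(key_a), DigestNonceIssuer(key_b)
    nonce = node_a.issue("203.0.113.5", now=1_000_000.0)      # constructed client
    return node_b.validate(nonce, "203.0.113.5", now=1_000_010.0)


# Weak: every node in the cluster derives its key from the same predictable seed,
# so the nonce space is identical across servers.
WEAK_KEY = hashlib.sha256(b"constructed-predictable-seed").digest()

# Hardened: each node draws its key from the OS CSPRNG at startup.
def fresh_key() -> bytes:
    return os.urandom(32)
```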



Copyright 2021, LLC