Public CVE-2004-0092 disclosure

mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.