← back
CVE-2005-2403

CVE-2005-2403

EPSS 1.5%
The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified username.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/lists/bugtraq/2005/Jul/0403.htmlhttp://securitytracker.com/id?1014562https://exchange.xforce.ibmcloud.com/vulnerabilities/21497http://www.securityfocus.com/bid/14358