Vulnerabilities > CVE-2003-0493 - Authentication Bypass vulnerability in Snitz Communications Snitz Forums 2000 3.4.03

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
snitz-communications
critical
exploit available

Summary

Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID.

Vulnerable Configurations

Part Description Count
Application
Snitz_Communications
1

Exploit-Db

descriptionSnitz Forums 2000 < 3.4.0.3 - Multiple Vulnerabilities. Webapps exploit for Multiple platform
idEDB-ID:43445
last seen2018-01-24
modified2003-06-16
published2003-06-16
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/43445/
titleSnitz Forums 2000 < 3.4.0.3 - Multiple Vulnerabilities