Vulnerabilities > CVE-2005-2403 - Unspecified vulnerability in Realchat 3.5.1B

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

realchat

NVD

Published: 2005-07-27

Updated: 2017-07-11

Summary

The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified username.

Vulnerable Configurations

Part	Description	Count
Application	Realchat Realchat Realchat 3.5.1B	1

References

http://seclists.org/lists/bugtraq/2005/Jul/0403.html
http://securitytracker.com/id?1014562
http://www.securityfocus.com/bid/14358
https://exchange.xforce.ibmcloud.com/vulnerabilities/21497