CVE-2005-2403 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-2403

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified username.

Affected Software

Name	Vendor	Start Version	End Version
Realchat	Realchat	3.5.1b (including)	3.5.1b (including)

References

http://seclists.org/lists/bugtraq/2005/Jul/0403.html
http://securitytracker.com/id?1014562
http://www.securityfocus.com/bid/14358
https://exchange.xforce.ibmcloud.com/vulnerabilities/21497
http://seclists.org/lists/bugtraq/2005/Jul/0403.html
http://securitytracker.com/id?1014562
http://www.securityfocus.com/bid/14358
https://exchange.xforce.ibmcloud.com/vulnerabilities/21497