Session Management Flaw in MDaemon and WorldClient by Alt-N
CVE-2005-4266

Currently unrated

Key Information:

Vendor: Alt-n
Status: Mdaemon; Worldclient
Vendor: CVE Published:; 15 December 2005

What is CVE-2005-4266?

A vulnerability in the WorldClient.dll of MDaemon and WorldClient versions 8.1.3 allows remote attackers to execute unauthorized actions on behalf of other users by exploiting a Session parameter that does not adequately validate the associated session ID. This oversight can be exploited through guessing or sniffing techniques, compromising the integrity of user sessions and enabling potential unauthorized access.

References

http://www.ipomonis.com/advisories/mdaemon.zip

x_refsource_MISC

http://secunia.com/advisories/17990

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 15, 2005

Alt-n

What is CVE-2005-4266?

References

Timeline