Vulnerability Details CVE-2005-4266
WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.3%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2005-4266
-
cpe:2.3:a:alt-n:mdaemon:8.1.3
-
cpe:2.3:a:alt-n:worldclient:8.1.3