CVE-2003-0493

Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID.

Published: Aug 7, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-0493
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
snitz_communications / snitz_forums_2000	3.4.03	3.4.03.x

http://marc.info/?l=bugtraq&m=105578322012128&w=2
http://www.securityfocus.com/bid/7924

Vulnerability Database

291,049

CVE-2003-0493