Session Hijacking Vulnerability in Alt-N MDaemon and WorldClient 8.1.3

Session Hijacking Vulnerability in Alt-N MDaemon and WorldClient 8.1.3

CVE-2005-4266 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value.

Learn more about our User Device Pen Test.