CVE-2005-2403

The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified username.

Date published : 2005-07-27

http://www.securityfocus.com/bid/14358

http://seclists.org/lists/bugtraq/2005/Jul/0403.html