header-logo
Suggest Exploit
vendor:
Voodoo chat
by:
bd0rk
7,5
CVSS
HIGH
Password Disclosure Vulnerability
200
CWE
Product Name: Voodoo chat
Affected Version From: 1.0RC1b
Affected Version To: 1.0RC1b
Patch Exists: NO
Related CWE: N/A
CPE: a:voodoo_chat:voodoo_chat
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Voodoo chat 1.0RC1b Password Disclosure Vulnerability

A vulnerability exists in Voodoo chat 1.0RC1b which allows an attacker to view the passwords of all users. This is done by accessing the users.dat file located in the data directory of the application.

Mitigation:

Ensure that the users.dat file is not accessible from the web.
Source

Exploit-DB raw data:

                    Voodoo chat 1.0RC1b Password Disclosure Vulnerability



Affected Software: Voodoo chat 1.0RC1b

Download: http://switch.dl.sourceforge.net/sourceforge/voc/voc-1.0RC1b.zip

Found3R: bd0rk

Website: www.soh-crew.it.tt

Contact: bd0rk[at]hackermail.com

Greetings: str0ke, Perle, TheJT, Shizoe

[+]Exploit: http://[yourh0st]/[voodoo_chat_dir]/data/users.dat



#####The german Hacker bd0rk#####

# milw0rm.com [2006-12-30]

Navigation

Suggest Exploit

Services By CQR