Arbitrary Account Attribute Disclosure Vulnerability in PvPGN

Arbitrary Account Attribute Disclosure Vulnerability in PvPGN

CVE-2004-2705 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) before 1.6.4 allows remote attackers to obtain attributes of arbitrary accounts, including the password hash, via certain statsreq packets.

Learn more about our Network Penetration Testing.