CVE-2002-1656

Name of the Vulnerable Software and Affected Versions X-News (x news) versions 1.1 and earlier

Description The issue allows attackers to authenticate as other users by obtaining the MD5 checksum of the password and providing it in a cookie. This can be achieved by obtaining the MD5 checksum via sniffing or accessing the users.txt data file.

Recommendations For X-News (x news) versions 1.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.