Surfnet 1.31 - Unauthorized Account Depositing

Author: Rift_XT
type: local
platform: windows
port: 
date_added: 2004-01-02 
date_updated: 2012-12-19 
verified: 1 
codes: OSVDB-16994 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/9347/info

Surfnet kiosks are prone to a vulnerability that may permit kiosk users to deposit extra time into kiosk accounts. This reportedly occurs when a user attempts to authenticate to the kiosk, causing their time to be doubled for each attempt.

C:\Surfnet\WWWRoot\CMD_Existing_Account_Attempt:Login=Username:Password=Password