CVE-2003-0974

Applied Watch Command Center - CSRF

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2003-0974. PoCs published by Bugtraq Security.

AI-analyzed exploit summary: This exploit demonstrates an authentication bypass vulnerability in a system, allowing an attacker to add arbitrary IDS alerts and user accounts. It crafts a malicious packet with a specific ruleset and sends it over an SSL connection to the target host.

Description

Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Bugtraq Security · c · remote · multiple
https://www.exploit-db.com/exploits/23405

This exploit demonstrates an authentication bypass vulnerability in a system, allowing an attacker to add arbitrary IDS alerts and user accounts. It crafts a malicious packet with a specific ruleset and sends it over an SSL connection to the target host.

Classification: Working PoC 90%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Unknown (likely an IDS or security console, CVE-2003-0974)
No auth needed
Prerequisites: Network access to the target system · SSL/TLS support on the target
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by Bugtraq Security · c · remote · multiple
https://www.exploit-db.com/exploits/23404

This exploit demonstrates an authentication bypass vulnerability in an unspecified system, allowing an attacker to add arbitrary user accounts via a crafted SSL-encrypted packet. The PoC constructs a malicious packet with attacker-supplied credentials and sends it to the target server.

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Unspecified (likely a network security console or IDS management system)
No auth needed
Prerequisites: Network access to the target system · SSL/TLS support on the target port
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9124
Various Sources x_refsource_misc
http://www.bugtraq.org/advisories/_BSSADV-0000.txt
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107004362416252&w=2
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107005523025918&w=2
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107031196324376&w=2

Scores

EPSS 0.0329
EPSS Percentile 86.9%

Details

Status published
Products (1)
applied_watch_technologies/applied_watch_command_center 1.0
Published Dec 15, 2003
Tracked Since Feb 18, 2026