Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Re: Skype 2.0.0.97 Major BUG

Re: Skype 2.0.0.97 Major BUG

From: Eliah Kagan <degeneracypressure_at_gmail.com>
Date: Fri, 19 May 2006 00:59:49 +0000

On 5/19/06, Dalibor Straka <dast_at_panelnet.cz> wrote:
> On Thu, May 18, 2006 at 10:46:47PM +0000, Eliah Kagan wrote:
> > Why is this a security problem at all? This seems to be an intended
> > behavior that doesn't carry any security risk.
> >
> > If an untrusted person is able to sign on with my Skype account, or
> > access my Skype sessions once logged on, then my security is already
> > compromised. And if such a person is *not* able to do this, then they
> > cannot exploit the "bug" of which you speak.
> >
> > It seems that it would be a useful feature for Skype to provide alerts
> > in both simultaneous sessions telling of what is going on, but I
> > wouldn't call the absence of that feature a "security hole."
> >
>
> A warning message would be very appreciated and appropriate solution.

With that, I agree.

-Eliah
Received on May 18 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos