Vulnerability Development mailing list archives
Re: Skype 2.0.0.97 Major BUG
From: "Eliah Kagan" <degeneracypressure () gmail com>
Date: Thu, 18 May 2006 22:46:47 +0000
Why is this a security problem at all? This seems to be an intended behavior that doesn't carry any security risk. If an untrusted person is able to sign on with my Skype account, or access my Skype sessions once logged on, then my security is already compromised. And if such a person is *not* able to do this, then they cannot exploit the "bug" of which you speak. It seems that it would be a useful feature for Skype to provide alerts in both simultaneous sessions telling of what is going on, but I wouldn't call the absence of that feature a "security hole." -Eliah On 5/18/06, Burak ŞEKERCİOĞLU <bsekercioglu.bt () gmail com> wrote:
Last day i found a new security hole on Skype 2.0. It is a major bug for skype users. For example; if you have a skype account you can login with your account on two different pc at the same time. And skype program don't alert "about another user logged in with your account on different pc". And the biggest hole is if you are conversating (CHAT) with your friend the other pc can view your conversations and if your friend send to you a file, the other pc can get it,too without your information. I wrote this BUG to SKYPE FORUMS and mail groups.. Best Regards Burak SEKERCIOGLU MSN: sekeroglan_ () hotmail com
Current thread:
- Skype 2.0.0.97 Major BUG Burak ŞEKERCİOĞLU (May 18)
- Re: Skype 2.0.0.97 Major BUG Eliah Kagan (May 18)
- Re: Skype 2.0.0.97 Major BUG Dalibor Straka (May 18)
- Re: Skype 2.0.0.97 Major BUG Eliah Kagan (May 18)
- Re: Skype 2.0.0.97 Major BUG Dalibor Straka (May 18)
- Re: Skype 2.0.0.97 Major BUG Alice Bryson (May 18)
- Re: Skype 2.0.0.97 Major BUG Eliah Kagan (May 18)