Vulnerability Development mailing list archives
Re: Skype 2.0.0.97 Major BUG
From: "Eliah Kagan" <degeneracypressure () gmail com>
Date: Fri, 19 May 2006 00:59:49 +0000
On 5/19/06, Dalibor Straka <dast () panelnet cz> wrote:
On Thu, May 18, 2006 at 10:46:47PM +0000, Eliah Kagan wrote: > Why is this a security problem at all? This seems to be an intended > behavior that doesn't carry any security risk. > > If an untrusted person is able to sign on with my Skype account, or > access my Skype sessions once logged on, then my security is already > compromised. And if such a person is *not* able to do this, then they > cannot exploit the "bug" of which you speak. > > It seems that it would be a useful feature for Skype to provide alerts > in both simultaneous sessions telling of what is going on, but I > wouldn't call the absence of that feature a "security hole." > A warning message would be very appreciated and appropriate solution.
With that, I agree. -Eliah
Current thread:
- Skype 2.0.0.97 Major BUG Burak ŞEKERCİOĞLU (May 18)
- Re: Skype 2.0.0.97 Major BUG Eliah Kagan (May 18)
- Re: Skype 2.0.0.97 Major BUG Dalibor Straka (May 18)
- Re: Skype 2.0.0.97 Major BUG Eliah Kagan (May 18)
- Re: Skype 2.0.0.97 Major BUG Dalibor Straka (May 18)
- Re: Skype 2.0.0.97 Major BUG Alice Bryson (May 18)
- Re: Skype 2.0.0.97 Major BUG Eliah Kagan (May 18)