[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Skype account + IM history hijack vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Skype account + IM history hijack vulnerability
From: Kirils Solovjovs <kirils.solovjovs@xxxxxxxxxx>
Date: Wed, 14 Nov 2012 12:20:10 +0200

The team has worked around this and are now trying to fix the
bug/feature. :)

http://www.reddit.com/r/netsec/comments/13664q/skype_vulnerability_allowing_hijacking_of_any/


P.S. Not to say that there aren't any other security bugs to come. Use a
secure  client!

-- 
Kirils Solovjovs

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Skype account + IM history hijack vulnerability
  - From: Benji
- Re: [Full-disclosure] Skype account + IM history hijack vulnerability
  - From: klondike
- Re: [Full-disclosure] Skype account + IM history hijack vulnerability
  - From: Jeffrey Walton

Prev by Date: Re: [Full-disclosure] GOOD for Enterprise (GMA) below 2.0.2 vulnerable to MITM
Next by Date: Re: [Full-disclosure] Skype account + IM history hijack vulnerability
Previous by thread: [Full-disclosure] Readdle: User traking (device UUID) over plaintext HTTP in query parameter
Next by thread: Re: [Full-disclosure] Skype account + IM history hijack vulnerability
Index(es):
- Date
- Thread