Skype Discloses IP Addresses to Remote Users
|
SecurityTracker Alert ID: 1026370 |
SecurityTracker URL: http://securitytracker.com/id/1026370
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Dec 3 2011
|
Impact:
Disclosure of user information
|
Vendor Confirmed: Yes
|
|
Description:
A vulnerability was reported in Skype. A remote user can determine the IP address of a Skype user.
A remote user can initiate a Skype call to a target user to determine the target user's IP address and then terminate the call before the target user's Skype application has indicated an incoming call.
The remote user does not need to be on the target user's contact list.
Researchers at Polytechnic Institute of New York University and at Inria reported this vulnerability.
|
Impact:
A remote user can determine the IP address of a Skype user.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.skype.com/ (Links to External Site)
|
Cause:
Access control error
|
Underlying OS: Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|