Newly found Skype exploit can reveal user's IP address

JMH · Apr 30, 2012

If you are using Skype, you might want to be aware of a newly discovered exploit that could be used by other Skype users to discover your remote and local IP addresses.
A post on the skype-open-source blog site (via News.com) reveals the details of this exploit.

http://www.neowin.net/news/newly-fo...&utm_campaign=Feed:+neowin-main+(Neowin+News)

Laxer · Apr 30, 2012

I don't see how this is an issue for most individuals...

Sure an individual could get hit by a DDOS attack but they could always contact their ISP to change IPs...

Any business should have appropriate measures set up to avoid such attacks.

The solution is probably simple but will be very hard to implement without forcing everyone to update skype before using...

GZ · Apr 30, 2012

Even so... Any software vulnerability like this, no matter how seemingly minor, should be rectified.

JMH · May 2, 2012

[h=2]Skype slurping software threatens IP exposure[/h]

Code posted online that can skim the last known IP address of users is being checked out by Skype as a possible security flaw.
The software, posted on Pastebin, works on a patched version of Skype 5.5 and involves adding a few registry keys that allow the attacker to check the IP address of users currently online without calling them.
Services like Whois will then give some other details on the city, country, internet provider and/or the internal IP-address of the target.

http://www.theregister.co.uk/2012/05/01/skype_ip_security/

JMH · May 3, 2012

Skype knew about IP address security flaw since November 2010

Skype learned about a security hole that reveals users' IP addresses about 18 months ago, according to the security researchers who discovered the vulnerability.

The vulnerability came to light last week, when Pastebin disclosed the simply executed exploit.

The hole allows for the surreptitious downloading of information from Skype users, including a victim's city, country, Internet provider and IP address.

http://nakedsecurity.sophos.com/201...Feed:+nakedsecurity+(Naked+Security+-+Sophos)

Search

Search

Newly found Skype exploit can reveal user's IP address

JMH

Emeritus, Contributor

Laxer

Co-Founder
Senior Administrator

GZ

Visiting Expert

JMH

Emeritus, Contributor

JMH

Emeritus, Contributor

Newly found Skype exploit can reveal user's IP address

JMH

Emeritus, Contributor

Laxer

Co-FounderSenior Administrator

GZ

Visiting Expert

JMH

Emeritus, Contributor

JMH

Emeritus, Contributor

Co-Founder
Senior Administrator