Flaws in BT chat sites expose users
Via The Register.
A third party website allowing unrestricted access to Oceanfree and IOL chat sites could enable visitors to view the IP address and domain names of the sites' 'chatters.'
Through the use of a third party website, industry experts have discovered a method for logging into BT Ireland's Oceanfree or IOL chat sites without registering on the system, giving them the ability to impersonate other visitors to the site. What's more, experts have found a vulnerability on the BT Ireland chat sites which reveal not only the IP addresses of other active visitors, but also host names which could be used to pinpoint the physical location of certain visitors.
Responding to questions about the vulnerability of the system, a spokesperson from BT Ireland said efforts would be made to repair the defect. However if a solution cannot be found, "we will need to review the chat servers as a viable entity," the spokesperson told ElectricNews.Net.
0 Comments:
Post a Comment
<< Home