Skip to main content

Security problem with groups

1 reply [Last post]
jtanago
Offline
Joined: 2008-06-18

Hi!

I've realized that if I create a group with login/password (as explained in the Chapter17 of Programmer's Guide) I can join that group and get a valid credential without enter login/password if I delete the service param of the peer group advertisement:

login3:UJKTI3:

Is this a vulnerability?

Message was edited by: jtanago

Message was edited by: jtanago

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
jtanago
Offline
Joined: 2008-06-18

I've edit the last post because it was a mistake. The new edited post is the right one.

Message was edited by: jtanago

Message was edited by: jtanago