|
|
|
|
|
|
by thinkbud
2444 days ago
|
|
|
Deja Vu. > you can send the callee the message the caller gets when the callee answers This is the exact same type of bug that was in libssh:
https://www.nccgroup.trust/uk/our-research/technical-advisor... "possible to bypass authentication by presenting to the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication" Also, Apple had a FaceTime bug of very similar nature: https://www.theverge.com/2019/1/28/18201383/apple-facetime-b... "you begin calling somebody via FaceTime Video from within the Phone app. Before that person picks up, you can swipe up to add your own phone number to the call. Once you’ve added yourself, FaceTime immediately seems to assume it’s an active conference call and begins sending the audio of the person you’re calling" |
|
|