[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <OF57050E26.6ED505AF-ONC1257CD2.003101B2-C1257CD2.00317B96@meko-s.de>
Date: Thu, 8 May 2014 11:00:29 +0200
From: HHeilemann@...o-s.de
To: fulldisclosure@...lists.org
Subject: [FD] Discussion: Teamviewer "Feature" or "Bug"?
Hello List,
today i remote-controlled a device with teamviewer. This is not very
special. But: with me connected was another person (technican) from another
company. He did some maintenance work on the device and me i simply
followed him.
Now, here comes the issue:
the technican copies with STRG+C and STRG-V some passes between his client
and the managed device.
I did nothing, exept opend a notepad on my computer and hit STRG+V several
times.
Guess what: his clipboard entries was shown in my notepad.
So: Is this a Feature or a Security Bug?
Mit freundlichen Grüßen,
i. A. Heiko Heilemann
-----------------------------------------------------------------------------------------
PGP Fingerprint:
EA45 F8FE 05AD 2D4B DF29 B14A 80B0 D800 B0B9 D63E
PGP Key ID: B0B9D63E
-----------------------------------------------------------------------------------------
MEKO-S GmbH
Lise-Meitner-Str. 6, 28359 Bremen
Telefon: +49 421 388 90 222
Telefax: +49 421 388 90 19
Mail: hheilemann@...o-s.de
http://www.meko-s.de
AG Bremen, HRB 20031
Geschäftsführer:
Peter Behrens, Luigi Argentato
Ein Unternehmen der Diersch & Schröder Gruppe, Bremen
Diese Mail enthält vertrauliche oder rechtlich geschützte
Informationen. Wenn Sie nicht der Adressat sind oder diese Mail
irrtümlich erhalten haben, informieren Sie bitte den Absender
und löschen Sie diese Mail.
Das unerlaubte Kopieren oder die
Weitergabe der Daten ist nicht gestattet.
------------------------------------
This message may contain confidential or privileged material.
Any unauthorized recipient is obliged to contact the sender and
delete the message without reading, reviewing, retransmitting or
disseminating it.
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists