[Voptalk] FW: Sample exploit code associated with the skype servicedisruption

[support at sjobeck.com]

Dear All,

Skype is lying.
 
Jason Sjöbeck



-----Original Message-----
From: voptalk-bounces at lists.vopsecurity.org
[mailto:voptalk-bounces at lists.vopsecurity.org] On Behalf Of Raul Siles
Sent: Monday, 2007 August 20 08:45
To: peter.thermos at palindrometech.com
Cc: voipsec at voipsa.org; voptalk at vopsecurity.org
Subject: Re: [Voptalk] Sample exploit code associated with the skype
servicedisruption

Hi Peter,
Skype's explanation is very different... Windows updates!

http://isc.sans.org/diary.html?storyid=3292
http://heartbeat.skype.com/2007/08/what_happened_on_august_16.html

The truth is out there! ;)
Raul

On 8/20/07, Peter Thermos <peter.thermos at palindrometech.com> wrote:
> It appears that lasts week's Skype service disruptions are
associated 
> with a malformed address URI submitted by a Skype client. Sending a 
> long malformed URI cripples the Skype server which causes the Skype 
> client to reconnect to the next Skype server and submits the same
query which has the same effect.
> In essence the attacker can traverse the list of Skype servers and 
> disrupt the entire Skype network.
>
> Here is the link to the code.
> http://en.securitylab.ru/poc/extra/301419.php
>
> Does anyone have any additional info on this?
>
> Peter
>
> _______________________________________________
> - The VoPSecurity Forum -
>
> To post a message to the mailing list send an email to [ 
> voptalk_at_lists.vopsecurity.org ]
>
_______________________________________________
- The VoPSecurity Forum -

To post a message to the mailing list send an email to [
voptalk_at_lists.vopsecurity.org ] 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3412 bytes
Desc: not available
Url : http://lists.vopsecurity.org/pipermail/voptalk/attachments/20070820/e04571e7/attachment.bin