[VOIPSEC] [Voptalk] Sample exploit code associated with the skype service disruption
Raul Siles
raul.siles at gmail.com
Mon Aug 20 10:44:59 CDT 2007
Hi Peter,
Skype's explanation is very different... Windows updates!
http://isc.sans.org/diary.html?storyid=3292
http://heartbeat.skype.com/2007/08/what_happened_on_august_16.html
The truth is out there! ;)
Raul
On 8/20/07, Peter Thermos <peter.thermos at palindrometech.com> wrote:
> It appears that lasts week's Skype service disruptions are associated with a
> malformed address URI submitted by a Skype client. Sending a long malformed
> URI cripples the Skype server which causes the Skype client to reconnect to
> the next Skype server and submits the same query which has the same effect.
> In essence the attacker can traverse the list of Skype servers and disrupt
> the entire Skype network.
>
> Here is the link to the code.
> http://en.securitylab.ru/poc/extra/301419.php
>
> Does anyone have any additional info on this?
>
> Peter
>
> _______________________________________________
> - The VoPSecurity Forum -
>
> To post a message to the mailing list send an email to [
> voptalk_at_lists.vopsecurity.org ]
>
More information about the Voipsec
mailing list