Skype Network Remote DoS Exploit

2007.08.21

Credit: Valery Marchuk

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2007-4429

CWE: CWE-noinfo

Ogólna skala CVSS: 5/10

Znaczenie: 2.9/10

Łatwość wykorzystania: 10/10

Wymagany dostęp: Zdalny

Złożoność ataku: Niska

Autoryzacja: Nie wymagana

Wpływ na poufność: Brak

Wpływ na integralność: Brak

Wpływ na dostępność: Częściowy

Hi all!

On SecurityLab.ru forum an exploit code was published by an anonymous user. 
Reportedly it must have caused Skype massive disconnections today.

The PoC uses standard Skype client to call to a specific number. This call 
causes denial of service of current Skype server and forces Skype to 
reconnect to another server. The new server also "freezes" and so on ... the 
entire network.

Liks: http://www.securitylab.ru/news/301422.php

PoC: http://en.securitylab.ru/poc/301420.php

Best regards,

Valery Marchuk

www.SecurityLab.ru

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Skype Network Remote DoS Exploit

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.