Skype Network Remote DoS Exploit

2007.08.21

Credit: Valery Marchuk

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2007-4429

CWE: CWE-noinfo

CVSS Base Score: 5/10

Impact Subscore: 2.9/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: None

Integrity impact: None

Availability impact: Partial

Hi all!

On SecurityLab.ru forum an exploit code was published by an anonymous user. 
Reportedly it must have caused Skype massive disconnections today.

The PoC uses standard Skype client to call to a specific number. This call 
causes denial of service of current Skype server and forces Skype to 
reconnect to another server. The new server also "freezes" and so on ... the 
entire network.

Liks: http://www.securitylab.ru/news/301422.php

PoC: http://en.securitylab.ru/poc/301420.php

Best regards,

Valery Marchuk

www.SecurityLab.ru

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Skype Network Remote DoS Exploit

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Skype Network Remote DoS Exploit

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.