[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] HITB2011KUL - Skype Vulnerabilities 0Day Exploitation PART 1

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] HITB2011KUL - Skype Vulnerabilities 0Day Exploitation PART 1
From: Research <research@xxxxxxxxxxxxxxxxxxxxx>
Date: Sun, 01 Apr 2012 05:49:47 +0200

Title:
======
HITB2011KUL - Skype Vulnerabilities 0Day Exploitation PART 1


Date:
=====
2012-03-31


References:
===========
Download:       http://www.vulnerability-lab.com/resources/videos/394.wmv
View:           http://www.youtube.com/watch?v=K4g86hVQ1wk



VL-ID:
=====
394


Abstract:
=========
Presentation Title Skype Vulnerabilities: Zero Day Exploitation 2011
Presentation Abstract

The popular VOIP client Skype has been beaten?! As everyone knows Skype takes 
security very seriously according 
to their own words: “The security of your information is of the utmost concern 
to us here at Skype and something 
we take very seriously” So we rose up to the challenge and tried to see if we 
could beat the system filters and/or 
software out of the box.

This presentation will offer the first in depth view & analysis of the bugs 
that where found in Skype by the 
vulnerability-lab.com research team in 2011. The presentation will also provide 
exclusive attack schemes from 
an attackers point of view which were also used for verification of our 
findings.

Buglist:

– Skype 5.3.x 2.2.x 5.2.x – Persistent Cross Site Scripting Vulnerability
– Skype 5.3.x 2.2.x 5.2.x – Persistent Software Vulnerability
– Skype v5.3.x – Transfer Standby Buffer Overflow Vulnerability
– Skype v5.2.x and v5.3.x – Critical Pointer Vulnerability
– Skype v5.3.x v2.2.x v5.2.x – Denial of Service Vulnerability

Attack schemes:

– Client Side Skype Exploitation (Local & Remote)
– Server Side Exploitation #1 (Local & Remote)
– Server Side Exploitation #2 (Local & Remote)
– Denial of Service Exploitation (Local to Remote)
– Buffer Overflow Exploitation (Remote)
– Pointer Bug Exploitation (Local)


Status:
========
Published


Exploitation-Technique:
=======================
Conference


Severity:
=========
High


Credits:
========
Benjamin Kunz M.(28) is active as a penetration tester and security analyst for 
private and public 
security firms, hosting entities, banks, isp(telecom) and ips. His specialties 
are security 
checks(penetrationtests) on services, software, applications, malware analysis, 
underground economy, 
government protection or cyberwar analysis, reverse engineering, lectures or 
presentations and 
workshops about IT Security. During his work as a penetration tester and 
vulnerability researcher, 
many open- or closed source applications, software and services were formed 
more secure. In 1997, 
Benjamin K.M. founded a non-commercial and independent security research group 
called,  Global Evolution 
- Security Research Group  which is still active today.

From 2010 to 2011, Benjamin M. and Pim C. (Research Team) identified over 300 
zero day vulnerabilities 
in well known products from companies such as DELL, Barracuda, Mozilla, 
Kaspersky, McAfee, Google, 
Fortigate, Opera, Cyberoam, Safari, Endian, Skype, Asterisk, Astaro, PBX & 
SonicWall. In 2010 he founded 
the company  Evolution Security . After the firm s establishment arose the 
Vulnerability Lab as the legal 
european initiative for vulnerability researchers, analysts, penetration 
testers, and serious hacker 
groups. Ben is also the leader of the Contest + VLab Research Team. He have a 
lot of stable references 
by solved events, interviews or contests/wargames like ePost SecCup, SCS2, 
27c3, EH2008, Har2009, Da-op3n 
& he provids exclusive zero-day exploitation sessions/releases.


Disclaimer:
===========
The information provided in this video is provided as it is without any 
warranty. Vulnerability-Lab disclaims all warranties, 
either expressed or implied, including the warranties of merchantability and 
capability for a particular purpose. Vulnerability-
Lab or its suppliers are not liable in any case of damage, including direct, 
indirect, incidental, consequential loss of business 
profits or special damages, even if Vulnerability-Lab or its suppliers have 
been advised of the possibility of such damages. Some 
states do not allow the exclusion or limitation of liability for consequential 
or incidental damages so the foregoing limitation 
may not apply. Any modified copy or reproduction, including partially usages, 
of this file requires authorization from Vulnerability-
Lab. Permission to electronically redistribute this alert in its unmodified 
form is granted. All other rights, including the use of 
other media, are reserved by Vulnerability-Lab or its suppliers.

                                                Copyright © 
2012|Vulnerability-Lab

-- 
VULNERABILITY RESEARCH LABORATORY TEAM
Website: www.vulnerability-lab.com
Mail: research@xxxxxxxxxxxxxxxxxxxxx


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] Swedish Army Web Database - SQL Injection Vulnerability
Next by Date: [Full-disclosure] So, so you think you can tell April 1 joke from a 0day?
Previous by thread: [Full-disclosure] Swedish Army Web Database - SQL Injection Vulnerability
Next by thread: [Full-disclosure] So, so you think you can tell April 1 joke from a 0day?
Index(es):
- Date
- Thread