
High-risk flaws in Skype

By Bill Brenner, News Writer
25 Oct 2005 | SearchSecurity.com

Security Wire Daily News

Skype Technologies S.A. recommends that users update their software to fix "high-risk" security holes that attackers could exploit to cause a denial of service or execute malicious code. The vulnerabilities affect Skype software for Windows, Mac OS X, Linux and Pocket PC.

The Luxembourg-based Internet telephony service provider, which allows users to make free calls between computers or low-cost calls to regular telephones not connected to the Internet, said one problem is that "Skype can be made to execute arbitrary code through a buffer overflow when Skype is called upon to handle malformed URLs that are in Skype-specific URI types callto:// and skype://." Skype could also be used to launch malicious code "during importation of a VCARD that is in a specific non-standard format."

This issue affects Skype 1.1.*.0 through 1.4.*.83 for Windows, the vendor said.

Another problem is a heap overflow condition in the networking routine. "Skype can be remotely forced to crash due to an error in bounds checking in a specific networking routine," Skype said in its advisory. "An attacker who sends a stream of specifically crafted network traffic to a Skype client network can cause the client to overwrite part of the heap, including the heap integrity control data."

Since the attacker can't control the address where the data is written, "the most likely effect will be that the Skype will abort execution due to an internal error, although other unpredictable behavior is possible," the advisory said. "Such a crash will lead to a loss of availability of the Skype application until it is restarted by the user."

This issue affects all Skype releases prior to and including 1.4.*.83 for Windows; all releases prior to and including 1.3.*.16 for Mac OS X; all releases prior to and including 1.2.*.17 for Linux; and all releases prior to and including 1.1.*.6 for Pocket PC.
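Both advisories above describe the same defect class: data of attacker-chosen length (a callto:// or skype:// URL in the first case, a stream of network frames in the second) copied into a fixed-size buffer without a bounds check that runs before the copy. The following C code is an added illustration of the checks that prevent that, written for this article; it is not Skype's code and says nothing about how Skype's parser or networking routine are actually built. The buffer sizes, the one-byte length-prefixed frame layout, the allowed handle characters and all sample inputs are constructed assumptions.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed sizes for the illustration; not Skype's real limits. */
#define HANDLE_BUF  32
#define PAYLOAD_BUF 16

enum parse_status {
    PARSE_OK = 0,
    PARSE_BAD_SCHEME,
    PARSE_BAD_CHAR,
    PARSE_EMPTY,
    PARSE_TOO_LONG,
    PARSE_TRUNCATED
};

/* strlen that never scans past max bytes, so a missing NUL cannot run off. */
static size_t bounded_len(const char *s, size_t max)
{
    size_t n = 0;
    while (n < max && s[n] != '\0')
        n++;
    return n;
}

/* Validate a callto:// or skype:// URI and copy its handle into out[outsz].
 * The length check runs before any byte is written: a URI whose handle
 * does not fit is rejected instead of overflowing the destination. */
int parse_call_uri(const char *uri, char *out, size_t outsz)
{
    static const char *const schemes[] = { "callto://", "skype://" };
    const char *handle = NULL;
    size_t i, len;

    for (i = 0; i < sizeof schemes / sizeof schemes[0]; i++) {
        size_t n = strlen(schemes[i]);
        if (strncmp(uri, schemes[i], n) == 0) {
            handle = uri + n;
            break;
        }
    }
    if (handle == NULL)
        return PARSE_BAD_SCHEME;

    /* Scan at most outsz bytes: no NUL inside that window means it cannot fit. */
    len = bounded_len(handle, outsz);
    if (len == 0)
        return PARSE_EMPTY;
    if (len >= outsz)
        return PARSE_TOO_LONG;

    /* Constructed whitelist of handle characters (assumption). */
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)handle[i];
        if (!isalnum(c) && c != '.' && c != '_' && c != '-')
            return PARSE_BAD_CHAR;
    }
    memcpy(out, handle, len);
    out[len] = '\0';
    return PARSE_OK;
}

/* Copy the payload of a length-prefixed frame (byte 0 = declared payload
 * length, payload follows) into dst[dstsz]. The declared length is checked
 * against the bytes actually received and against the destination size
 * before memcpy runs; a lying header is an error, not a heap overwrite. */
int copy_frame_payload(const unsigned char *pkt, size_t pktlen,
                       unsigned char *dst, size_t dstsz, size_t *outlen)
{
    size_t declared;

    if (pktlen < 1)
        return PARSE_TRUNCATED;
    declared = pkt[0];
    if (declared > pktlen - 1)
        return PARSE_TRUNCATED;   /* header claims more bytes than arrived */
    if (declared > dstsz)
        return PARSE_TOO_LONG;    /* would overrun the destination buffer */
    memcpy(dst, pkt + 1, declared);
    *outlen = declared;
    return PARSE_OK;
}

/* Build a callto:// URI with an n-byte handle and report the parser's verdict. */
int parse_uri_with_handle_len(size_t n)
{
    char uri[512] = "callto://";
    char out[HANDLE_BUF];
    size_t base = strlen(uri);

    if (n > sizeof uri - base - 1)
        n = sizeof uri - base - 1;
    memset(uri + base, 'a', n);
    uri[base + n] = '\0';
    return parse_call_uri(uri, out, sizeof out);
}

int main(void)
{
    char out[HANDLE_BUF];
    unsigned char payload[PAYLOAD_BUF];
    size_t n = 0;
    const unsigned char good[]  = { 3, 'a', 'b', 'c' };   /* constructed frame */
    const unsigned char lying[] = { 200, 'a', 'b' };      /* header overstates length */

    printf("callto://alice.smith -> %d\n", parse_call_uri("callto://alice.smith", out, sizeof out));
    printf("300-byte handle      -> %d\n", parse_uri_with_handle_len(300));
    printf("good frame           -> %d\n", copy_frame_payload(good, sizeof good, payload, sizeof payload, &n));
    printf("lying header         -> %d\n", copy_frame_payload(lying, sizeof lying, payload, sizeof payload, &n));
    return 0;
}
```

The point of both functions is the ordering: every length that an outside party can influence is compared with the real buffer size before the copy, and the status codes let the caller log and drop the input rather than crash, which is the availability loss the advisory describes.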

The fixes come a week after New York-based e-mail security firm MessageLabs Ltd. warned that a new variant of the IRCbot Trojan horse was taking aim at Skype users. The Trojan, also known as Fanbot, was distributed by e-mail, disguised as the newest Skype release -- version 1.4 -- which came out Oct. 10.
