Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

New Skype vulnerabilities

Published: 2005-10-25
Last Updated: 2005-10-25 14:05:20 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)
Our avid reader and contributor Juha-Matti let us know that there are two new vulnerabilities in the free IP telephone software Skype.

http://www.skype.com/security/skype-sb-2005-02.html

and

http://www.skype.com/security/skype-sb-2005-03.html

CVE entries: CVE-2005-3265
CVE-2005-3267

Secunia advisory: http://secunia.com/advisories/17305/

Please upgrade to the new version ASAP, they have been rated highly critical by Secunia, and high by Skype.

Download here: http://www.skype.com/download/

Cheers,
Adrien de Beaupre
http://www.cinnabar.ca

 


Keywords:
0 comment(s)

Exploit for Snort BO available!

Published: 2005-10-25
Last Updated: 2005-10-25 13:08:58 UTC
by Pedro Bueno (Version: 1)
0 comment(s)
So, looks like finally there is an exploit public available for the Snort BO preprocessor vulnerability.
Our good reader Juha-Matti sent a note about an exploit published by FrSIRT, formely known as K-Otik.
On the good side, our Handler Kyle Haugsness created a tool and some snort signatures that can detect them!
I just tested it against the exploit and it really works! ;-) You can find it here .

If you didnt patch yet or applied the workarounds, do you need more reasons?
------------------------------------------------------------------
Keywords:
0 comment(s)
Diary Archives