Security experts today warned of a trio of “highly critical” vulnerabilities that has been discovered in Skype’s VoIP client software, which can be exploited by malicious hackers to cause DoS attacks, or to take remote control of compromised systems.
Secunia stated: "A boundary error exists when handling Skype-specific URI types e.g. "callto://" and "skype://". This can be exploited to cause a buffer overflow and allows arbitrary code execution when the user clicks on a specially-crafted Skype-specific URL."
The vulnerability is related to Secunia advisory SA13191.
A second boundary error has also been discovered that affects the handling of VCARD imports. This can be exploited to cause a buffer overflow and allows arbitrary code execution when the user imports a specially-crafted VCARD.
These vulnerabilities have been reported in Skype for Windows Release 1.1.*.0 through 1.4.*.83.
The third issued with the Skype client centres on a boundary error in the handling of certain unspecified Skype client network traffic. This can be exploited to cause a heap-based buffer overflow, according to Secunia. Successful exploitation of this flaw crashes the Skype client.
The third vulnerability has been reported in the following versions: Skype for Windows Release 1.4.*.83 and prior; Skype for Mac OS X Release 1.3.*.16 and prior; * Skype for Linux Release 1.2.*.17 and prior and Skype for Pocket PC Release 1.1.*.6 and prior.
Users of the VoIP service are urged to update to the fixed version of Skype's software. The latest version of the applications coded for Windows, Mac OS X and Linux all fix the issues, but Secunia warned that no patch has yet been created for Skype for Pocket PC. "The vulnerability discovered in today's advisory by Secunia poses a much bigger security threat to businesses due to the homogeneous nature of the Skype environment," said Tom Newton, product manager for SmoothWall.
"Skype's ubiquity and the closed nature of their protocol means that all clients are based on the same code – Windows, Linux, business and home users all share the same, equally vulnerable client, a fecund breeding ground for worms and other malicious code. Skype's ease of use is partially facilitated by the port-agile firewall-dodging protocol used – this poses further danger to unsuspecting administrators who may not realise the scope of VoIP activity on their network."
"Now that this vulnerability has been found, it is exploitable worldwide. Businesses need to ensure client PCs are locked down, roll-out is limited where necessary and intelligent security policies are in place to minimise the effect of the vulnerability. This technology is inevitable and it looks like Skype may become the 'VHS' of the world, with a possibly inferior, but ubiquitous, cheap and effective product."
