Re: [EXTERNAL] Urgent: skype vulnerability?
Posted by
Marcus G. Daniels on
Sep 12, 2013; 2:55am
URL: http://friam.383.s1.nabble.com/Urgent-skype-vulnerability-tp7583763p7583795.html
On 9/6/13 5:29 PM, Parks, Raymond
wrote:
<base href="x-msg://600/">
I did a quick search through my data and there haven't been any
major Skype vulns in a while. There's a local privilege
escalation from this last spring and URL snooping, but neither
should result in massive Skype usage. The Dark Comet Remote
Access Tool (RAT) uses the Skype port and protocol to "phone
home", so you might have a pest problem. Even worse, a
vulnerability was published last fall for getting in to the Dark
Comet RAT via it's use of Skype - so if you have Dark Comet,
someone could be breaking it to get into your computer.
Where do the folks selling zero day exploits seem to invest effort
when it comes to Linux? Do they work against versions that are in
wide distribution (2.6.32), or try to get in early and sell bugs
early in the hopes the lifetime of the work will be relatively
longer (3.12)? Is bleeding edge kernel and system software any
better or worse security wise than a service contract for RHEL, etc.
(and immediate updates). If there are bad statistics, that would
suggest to me some benefit from security from obscurity?
It still blows me a way that governments trust vendors that use
international development teams, but do not disclose source code.
Why not more of a push toward systems that can _really_ be
audited? It seems to me like using medicine that has no systematic
study or peer review.
If this is accurate, it looks to me like the databases on exploits
tends to be against old software?
http://www.cvedetails.com/vulnerability-list/vendor_id-33/product_id-47/year-2013/opgpriv-1/Linux-Linux-Kernel.html
Marcus
============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe
http://redfish.com/mailman/listinfo/friam_redfish.com