I`ve just checked the archive. The latest version of the file class2.php was
changed on 2010/01/21 03:57:43 and it does not contain the malicious code.
It has been probably replaced already, or we are using different mirrors.
Valery Marchuk
www.SecurityLab.ru
- Original Message
--
(PT-2009-05) Positive Technologies Security Advisory
CA Internet Security Suite Denial of Service Vulnerability
--
---[ Affected Software ]
C
--
(PT-2008-09) Positive Technologies Security Advisory
Microsoft Windows MSMQ Privilege Escalation Vulnerability
--
---[ Affected Software ]
--
(PT-2009-01) Positive Technologies Security Advisory
PGP Desktop Pgpdisk.sys And Pgpwded.sys Multiple Vulnerabilities
--
---[ Affected Software
--
(PT-2009-09) Positive Technologies Security Advisory
Trend Micro Internet Security Pro 2009 tmactmon.sys Priviliege
Escalation Vulnerabilities
-
--
(PT-2009-11) Positive Technologies Security Advisory
SlySoft Multiple Products ElbyCDIO.sys Denial of Service
--
---[ Affected Software ]
Sl
ww.securitylab.ru/vulnerability/347887.php
BR,
Valery Marchuk
www.SecurityLab.ru
but it's impossible to prove anything and it's not
necessary. I just would like to say, that Skype could came up with more
realistic story, for example: someone made a mistake in the code, or they
were trying to implement new feature and everyone would believe, even me :)
Skype to
reconnect to another server. The new server also "freezes" and so on ... the
entire network.
Liks: http://www.securitylab.ru/news/301422.php
PoC: http://en.securitylab.ru/poc/301420.php
Best regards,
Valery Marchuk
www.SecurityLab.ru