News Document Title:
====================
(CFP) HITB Malaysia - Skype VoIP Software Exploitation 2011


Release Date:
=============
2011-07-15


Laboratory Article:
===================
Theme:  Skype VoIP Software Exploitation - Zero Day Vulnerabilities 2011
Author: Benjamin Kunz Mejri alias rem0ve (-rm)

Phase 1: 
(Overview) Published Skype Vulnerabilities 2006-2010 and risk level

Phase 2:(Informercial)
How to detect own Skype zero-day vulnerabilities?
How to exploit skype zero-day vulnerabilities out of the box?

Phase 3:(Main Presentation)
Presentation of own zero-day issues ... (explain and technics)
Skype 5.3.x 2.2.x 5.2.x 	- Persistent XSS Vulnerability  			- High 		- Verified and  Accepted by Vendor
Skype 5.3.x 2.2.x 5.2.x 	- Persistent Software Vulnerability  			- High 		- Verified and  Accepted by Vendor
Skype v5.3.x 			- Transfer Standby Buffer Overflow Vulnerability 	- High 		- Accepted by Vendor
Skype v5.2.x and  v5.3.x 	- Critical Pointer Vulnerability 			- Critical 	- Verified and  Accepted by Vendor
Skype v5.3.x v2.2.x v5.2.x 	- Denial of Service Vulnerability 			- Medium(+) 	- Verified and Accepted by Vendor

Phase 4: (Review and Pictures)
+ 3 mal Videos, Exploitation Review, Exceptions Logs and Pictures

Technical Requirements: 
Beamer/Projector for Pictures and Videos + 1x ClubMate

Duration: 
60 - 120 Minutes