Did Russian Hackers Crash Skype?

An anonymous reader sends us to the www.xakep.ru forum where a poster claims that the worldwide Skype crash was caused by Russian hackers (in Russian). The claim is that they found a local buffer overflow vulnerability caused by sending a long string to the Skype authorization server. You can try Google's beta Russian-to-English translation, but the interesting part is the exploit code, and that's more readable in the original. The Washington Post reports that Skype has denied this rumor.

Translation

[ACS+Solver]

Here's the article's introductory part properly translated.

"The reason for yesterday's downtime of the Skype network is research of Russian crackers, as reported by one of our readers.

While searching for a local buffer overflow, a possibility was found to send a long string to the server, overflowing its buffer and causing the server to go down. Its place is taken by another server from the P2P network, the error arises on it in the same way, and so on. As a result, the entire Skype network refused service for several hours and the developer team was forced to turn off authentication.

Here's the exploit code:"

Re:The code snippet seems to be wrong

[tftp]

It actually executes, I tried the loop just now.

fake?

[arghblubber]

http://www.ush.it/2007/08/18/why-the-skype-0day-ex ploit-is-a-fake/

coincidence?

[TheSHAD0W]

I bet people are trying exploits against Skype (and other popular servers and services) all the time. If someone tries something funny, and the system crashes a few seconds afterwards, they may assume they were the cause.

Re:The code snippet seems to be wrong

[svallarian]

It's obviously a typo. Since it was Russian code, it was supposed to be xCCCP