winamp 2.79 exploit
Results 1 to 7 of 7

Thread: winamp 2.79 exploit

  1. #1
    Senior Member
    Join Date
    Jan 2002
    Posts
    682

    Exclamation winamp 2.79 exploit

    ALERT

    AN EMERGING ISSUE WITH:
    WINAMP 2.79
    SEVERITY:
    Medium

    DATE:
    April 26, 2002

    SUMMARY:
    On April 25, security researcher Andreas Sandblad published
    information regarding a buffer overflow vulnerability in the popular
    MP3 player, Winamp. This vulnerability could allow an attacker to
    execute code on a computer system, with the permissions of the
    logged in user. There is no direct impact on WatchGuard's products.
    Administrators with vulnerable systems are encouraged to download
    and install the patched version of Winamp now available on the
    Winamp web site.



    EXPOSURE:


    The MP3 file format allows for a URL to be embedded in the file.
    Typically, when such an MP3 file is played, the player uses this URL
    to contact a Web site and download lyrics, general information about
    the song, or advertisements. Sandblad found a way to construct the
    embedded URL so that it would be able to overflow
    <https://www3.watchguard.com/archive/....asp?pack=1188> the
    memory address allocated for the purpose of contacting the Web, and
    then execute code of the attacker's choosing. Potentially, this code
    could be used to accomplish anything a legitimate user could do,
    such as adding or deleting files or reformatting the hard drive.



    SOLUTION PATH:


    Regardless of what WatchGuard product you use, your primary recourse
    is to download and install the new player (version 2.80) from
    Winamp.



    STATUS:


    A new version of Winamp is available from Winamp.com.
    <http://www.winamp.com/download>
    I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson

  2. #2
    Hi mom!
    Join Date
    Aug 2001
    Posts
    1,103
    Well, I can see some useful use of this bug... "Play that Britney Spears song one more time and I swear I shall hack your computer!"
    I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.

  3. #3
    Senior Member
    Join Date
    Aug 2001
    Posts
    410
    lol - Now, now Guus. Don't forget N*SYNC, BackStreet Boys, and all those other boy-bands.

    Thanks, Zigar for the heads up. Wonder if 2.78 is affected? Probably.
    savIRC :: The Multi-Platform IRC Client v. 1.8 [Released 9.04.02]

  4. #4
    Banned
    Join Date
    Mar 2002
    Posts
    968
    I'm using winamp 2.78 and I'm going to try the patch... just in case....<

    I like Guus' post, right on! (Don't forget Celine Dion!)

  5. #5
    Senior Member
    Join Date
    Dec 2001
    Posts
    243
    I use the beta, guess it's not affected... how exactly do you overflow the memory? Is it by putting an extremely long url there, or would you just embed a link to a file like www.blah.com/re-format.bat ? Just curious.
    Search First Ask Second. www.google.com

  6. #6
    Senior Member
    Join Date
    Jan 2002
    Posts
    682
    just bumping this up since i posted this on saturday and some may have missed it...
    I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson

  7. #7
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    Yup, I missed it, although I have heard about it already
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •