Assigned : VUPEN/ADV-2006-0613
From : Sowhat <smaillist at gmail.com>
Subject : Winamp .m3u fun again ;)
Date : 2006-02-16
Original Message
Winamp .m3u Remote Buffer Overflow Vulnerability (0day)
by Sowhat
Discovery: 2005.07.21
Pubulished: 2006.02.16
http://secway.org/advisory/AD20060216.txt
Affected:
Winamp All versions (including 5.13)
Overview:
WinAMP is a popular media player that supports various media and playlist
formats, including playlists in m3u or pls format.
This bug was found during Reading the following Advisory by
tombkeeper@NSFOCUS
http://www.nsfocus.com/english/homepage/research/0501.htm
PoC.m3u
#EXTM3U
#EXTINF:5,demo
cda://demoAAAAAAAAAAAAAAAAAAAAAA[...about 3600?...]AAAAAAAAAAAAAA.mp3
btw: Alan McCaig (b0f) published a similar 0day vulnerability today,
so I think it's time to PUB this lame advisory tooooo.
see: http://www.frsirt.com/english/advisories/2006/0613
WORKAROUND:
No WORKAROUND this time.
plz check the vendor's website for update
OR, dont use Winamp ;)
Greetings to tombkeeper,killer,baozi, all 0x557 & XFOCUS guys
--
Sowhat
http://secway.org
"Life is like a bug, Do you know how to exploit it ?"
Disclaimer : VUPEN Security does not endorse the content of this
message submitted by others to public mailinglists. Messages submitted to public
mailinglists do not necessarily reflect the opinions or policies of VUPEN Security.
VUPEN Security makes no warranties, express or implied, as to the content of the message
in this page or the accuracy and reliability of any messages and other materials
submitted to public mailinglists. Any questions or comments regarding this page
should be sent to
team@vupen.com
|
