| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: noreply at pewp.hack.se (No Reply) Subject: Re: [Exploit] Winamp 5.x/3.x Skin File Remote Code Execution Exploit (0day) Hi! Anyone successfully exploited this vulnerability on a machine with Service Pack 2? I played around a little bit with it yesterday but didnt get it to work. //David K-OTik Security Survey wrote: >---------------------------------------------------------------------- > > K-OTiK Security / Exploits > >---------------------------------------------------------------------- > > 2002-2004 K-OTiK.COM ? Threat and Security Survey 24h/24 and 7j/7 > > Backend/XML/RSS - http://www.k-otik.com/rss > >---------------------------------------------------------------------- > > > >25.08.2004 : Winamp 5.x/3.x Skin File Remote Code Execution Exploit > >----------- > > > >K-OTik Security has received since July 22nd several reports from > >users who were hacked on IRC. This 0day attack had been used to spread > >spyware and trojans, infecting a computer after the victim clicked on > >a fake winamp skin web link. > > > >We confirmed this flaw on fully patched systems running the latest > >version of Winamp, and reported today this flaw/exploit to avers. > > > >we decided today to make this exploit "public". There is no patch for > >this vulnerability -> do NOT use Winamp. > > > >http://www.k-otik.com/exploits/08252004.skinhead.php > > > >---------------------------------------------------------------------- > >---------------------------------------------------------------------- > >
Powered by blists - more mailing lists