[<prev] [next>] [day] [month] [year] [list]
Message-ID: <d65cd4390602160625i2e3621c5od6dfb4f93634ab59@mail.gmail.com>
Date: Thu, 16 Feb 2006 22:25:26 +0800
From: Sowhat <smaillist@...il.com>
To: bugtraq@...urityfocus.com
Subject: Winamp .m3u fun again ;)
Winamp .m3u Remote Buffer Overflow Vulnerability (0day)
by Sowhat
Discovery: 2005.07.21
Pubulished: 2006.02.16
http://secway.org/advisory/AD20060216.txt
Affected:
Winamp All versions (including 5.13)
Overview:
WinAMP is a popular media player that supports various media and playlist
formats, including playlists in m3u or pls format.
This bug was found during Reading the following Advisory by tombkeeper@...OCUS
http://www.nsfocus.com/english/homepage/research/0501.htm
PoC.m3u
#EXTM3U
#EXTINF:5,demo
cda://demoAAAAAAAAAAAAAAAAAAAAAA[...about 3600?...]AAAAAAAAAAAAAA.mp3
btw: Alan McCaig (b0f) published a similar 0day vulnerability today,
so I think it's time to PUB this lame advisory tooooo.
see: http://www.frsirt.com/english/advisories/2006/0613
WORKAROUND:
No WORKAROUND this time.
plz check the vendor's website for update
OR, dont use Winamp ;)
Greetings to tombkeeper,killer,baozi, all 0x557 & XFOCUS guys
--
Sowhat
http://secway.org
"Life is like a bug, Do you know how to exploit it ?"
Powered by blists - more mailing lists