Results 1 to 2 of 2

Thread: WinAmp's security hole deepens

  1. #1
    Join Date
    Nov 2004
    Posts
    86
    Rep Power
    0

    Default WinAmp's security hole deepens

    For all you winamp fan: listen to this>>>>>>>

    A serious security flaw reported this week in WinAmp is still unpatched, contrary to the vendor's assurances, according to the researcher who discovered the vulnerability. What's more, exploit code taking advantage of the flaw has begun circulating on the Internet, making attacks simpler to carry out, said security experts.

    "It appears that the 'patched' version 5.05 does not fix the buffer overflow issue that we notified Nullsoft about," said Brett Moore, chief technical officer of Security-Assessment.com, in an email to the Bugtraq security mailing list on Wednesday. "We have sent Nullsoft a copy of this email, and hope that they can remedy this problem quickly." Nullsoft did not immediately respond to Techworld's request for comment.

    Full story:
    http://www.techworld.com/security/ne...fm?NewsID=2694

  2. #2
    Join Date
    Apr 2003
    Posts
    13,269
    Rep Power
    34

    Default Re: WinAmp's security hole deepens

    Recommendations on how to avoid these bugs.

    For skin file flaw: "The new bug, the skin file flaw and an April flaw in the handling of ".xm" files could all be exploited by luring an affected user to a website containing a specific type of file, which would then be automatically downloaded and executed."
    So be careful in what you download and from what websites you download it from.

    For this weeks flaw:
    "This week's bug can be exploited in a number of ways, the most dangerous being via an ".m3u" playlist file, according to Moore. "When hosted on a website, these files will be automatically downloaded and opened in winamp without any user interaction," he wrote in Security-Assessment.com's advisory. "This is enough to cause the overflow that would allow a malicious playlist to overwrite EIP and execute arbitrary code." Exploitation could allow an attacker to take over a system.

    Moore recommended that in the absence of a patch, users disassociate the filename extensions for playlists - .cda and .m3u - from WinAmp."
    "The best software is the one that fits your needs." - A_A

    Virus free since: date unknown
    Anti-virus free since: August 2008

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •