Help - Search - Members - Calendar
Full Version: Winamp 5.12 - Zero Day Exploit For Unpatched Vulnerability
BleepingComputer.com > Security > Breaking Virus & Security News
   
harrywaldron
Jan 30 2006, 06:17 AM
Please be careful if you use WinAmp as a media player on your system. A new exploit has surfaced for an unpatched vulnerability that is rated as a critical risk by security firms. The vendor will most likely patch this soon and the patch should be applied expediently.

Winamp Computer Name Handling Buffer Overflow Vulnerability
http://secunia.com/advisories/18649/

DESCRIPTION: The vulnerability is caused due to a boundary error during the handling of filenames including a computer name. This can be exploited to cause a buffer overflow via a specially crafted playlist containing a filename starting with an overly long computer name (about 1040 bytes). Successful exploitation allows execution of arbitrary code on a user's system when e.g. a malicious website is visited. The vulnerability has been confirmed in version 5.12. Other versions may also be affected.


Nullsoft Winamp Player PLS Handling Remote Buffer Overflow Vulnerability
http://www.frsirt.com/english/advisories/2006/0361

Advisory ID : FrSIRT/ADV-2006-0361
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-01-29

Technical Description: A vulnerability has been identified in Winamp, which could be exploited by remote attackers to execute arbitrary commands. This flaw is due to a buffer overflow error when processing a specially crafted playlist (".pls" file) containing a malformed "File1" tag, which could be exploited by remote attackers to execute arbitrary commands and take complete control of an affected system without any user-interaction via a specially crafted web page.

Exploits: An exploit is publicly available.

Affected Products: Nullsoft Winamp version 5.12 and prior

Recommendation: Use Winamp offline or to access only highly trusted sites until a patch is issued. It is likely that Nullsoft will quickly supply a patch, but until then use Winamp cautiously.
harrywaldron
Jan 30 2006, 09:18 PM
Nullsoft has expediently released version 5.13 to address this ZERO DAY attack smile.gif smile.gif

ISC Information
http://www.incidents.org/diary.php?storyid=1080

Download v5.13 here
http://www.winamp.com/player/

WinAmp Change History
http://www.winamp.com/player/version_history.php
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2008 Invision Power Services, Inc.