
Winamp 5.12 - Zero Day Exploit For Unpatched Vulnerability



#1 harrywaldron


Posted 30 January 2006 - 06:17 AM

Please be careful if you use WinAmp as a media player on your system. A new exploit has surfaced for an unpatched vulnerability that is rated as a critical risk by security firms. The vendor will most likely patch this soon and the patch should be applied expediently.

Winamp Computer Name Handling Buffer Overflow Vulnerability
http://secunia.com/advisories/18649/

DESCRIPTION: The vulnerability is caused due to a boundary error during the handling of filenames including a computer name. This can be exploited to cause a buffer overflow via a specially crafted playlist containing a filename starting with an overly long computer name (about 1040 bytes). Successful exploitation allows execution of arbitrary code on a user's system when e.g. a malicious website is visited. The vulnerability has been confirmed in version 5.12. Other versions may also be affected.


Nullsoft Winamp Player PLS Handling Remote Buffer Overflow Vulnerability
http://www.frsirt.com/english/advisories/2006/0361

Advisory ID : FrSIRT/ADV-2006-0361
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-01-29

Technical Description: A vulnerability has been identified in Winamp, which could be exploited by remote attackers to execute arbitrary commands. This flaw is due to a buffer overflow error when processing a specially crafted playlist (".pls" file) containing a malformed "File1" tag, which could be exploited by remote attackers to execute arbitrary commands and take complete control of an affected system without any user-interaction via a specially crafted web page.

Exploits: An exploit is publicly available.

Affected Products: Nullsoft Winamp version 5.12 and prior

Recommendation: Use Winamp offline or to access only highly trusted sites until a patch is issued. It is likely that Nullsoft will quickly supply a patch, but until then use Winamp cautiously.

Edited by harrywaldron, 30 January 2006 - 06:18 AM.
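As an added example, not part of the original post or of either advisory, here is one way to screen `.pls` playlists for the pattern the advisories describe: a `FileN` entry whose UNC path begins with an over-long computer name. The 255-byte threshold, the function names and the sample playlists are assumptions made for illustration.

```python
from __future__ import annotations
import re

# Assumption: no legitimate NetBIOS or DNS host name is longer than 255 bytes,
# well below the roughly 1040 bytes quoted in the advisory.
MAX_HOST_LEN = 255
FILE_ENTRY = re.compile(rb"^\s*File(\d+)\s*=\s*(.*)$", re.IGNORECASE)


def unc_host(value: bytes) -> bytes | None:
    """Return the computer-name component of a UNC path, or None if not UNC."""
    if not value.startswith((b"\\\\", b"//")):
        return None
    rest = value[2:]
    # The host ends at the first separator, or at end of value if none follows.
    cuts = [i for i in (rest.find(b"\\"), rest.find(b"/")) if i != -1]
    return rest[: min(cuts)] if cuts else rest


def scan_pls(data: bytes, max_host_len: int = MAX_HOST_LEN) -> list[tuple[int, int]]:
    """Return (entry number, host length) for each FileN entry with an over-long host."""
    findings = []
    for line in data.splitlines():
        m = FILE_ENTRY.match(line)
        if not m:
            continue
        host = unc_host(m.group(2).strip())
        if host is not None and len(host) > max_host_len:
            findings.append((int(m.group(1)), len(host)))
    return findings


# Constructed sample playlists; the long host is filler, not a captured exploit.
BENIGN = (b"[playlist]\r\nNumberOfEntries=2\r\n"
          b"File1=\\\\mediabox\\music\\a.mp3\r\n"
          b"File2=http://example.com/stream\r\nVersion=2\r\n")
SUSPECT = (b"[playlist]\r\nNumberOfEntries=1\r\n"
           b"File1=\\\\" + b"A" * 300 + b"\\share\\a.mp3\r\nVersion=2\r\n")

if __name__ == "__main__":
    for name, blob in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(name, scan_pls(blob))
```

A check like this could run at a mail or web gateway, or over a download folder, until the patched version is installed.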




#2 harrywaldron


Posted 30 January 2006 - 09:18 PM

Nullsoft has expediently released version 5.13 to address this ZERO DAY attack :thumbsup: :flowers:

ISC Information
http://www.incidents.org/diary.php?storyid=1080

Download v5.13 here
http://www.winamp.com/player/

WinAmp Change History
http://www.winamp.com/player/version_history.php



