Re: Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched]
In-Reply-To: <BAY101-F277D543B4547323CCB31D8A9BA0@xxxxxxx>
Winamp 5.06 is also vulnerable and exploitable... thus this flaw is still
unpatched.
You can test it using this code:
http://www.k-otik.com/exploits/20041124.winampm3u.c.php
Regards
K-OTik Security Research & Monitoring Team 24/7
http://www.k-otik.com
>Dear Brett
>
>I've noticed that you say this is for version 5.05. Just looked at Winamp's
>site, and they have a 5.06 version out. Is this one vulnerable as well?
>
>Kind Regards
>
>Alex Cottle
>
>
>>From: "Brett Moore" <brett.moore@xxxxxxxxxxxxxxxxxxxxxxx>
>>Reply-To: <brett.moore@xxxxxxxxxxxxxxxxxxxxxxx>
>>To: "Bugtraq@Securityfocus. Com" <bugtraq@xxxxxxxxxxxxxxxxx>
>>Subject: Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched]
>>Date: Wed, 24 Nov 2004 16:05:46 +1300
>>
>>========================================================================
>>= Winamp - Buffer Overflow In IN_CDDA.dll
>>=
>>= Affected Software:
>>= Winamp 5.05, 5.06
>>=
>>= Public disclosure on November 24, 2004
>>========================================================================
>>
>>== Overview ==
>>
>>Hate to be the bearer of bad news.
>>
>>It appears that the 'patched' version 5.05 does NOT fix the buffer overflow
>>issue that we notified Nullsoft about. This is obviously not good.
>>
>>As we wrote in our advisory we were notified by email that the issue had
>>been fixed and an update posted to the website.
>>
>>We have sent Nullsoft a copy of this email, and hope that they can remedy
>>this problem quickly. Unfortunately, this may not be the case as was
>>pointed out to me by somebody.
>>
>>== Solutions ==
>>
>>- Disassociate .cda and .m3u extensions from Winamp
>>- Wait for an update
>>
>>Brett Moore
>>Network Intrusion Specialist, CTO
>>Security-Assessment.com
>>
>>