Warning: critical Winamp vuln
Print storyPlay it again, hacker
Posted in Enterprise Security, 25th November 2004 11:40 GMT
Free Download - Security Web 2.0
Security researchers are warning of a serious - and unfixed - security hole with the popular Winamp media player.
A remotely exploitable stack based buffer overflow creates a means for hackers to take over machines running Winamp- providing they can trick users into running maliciously constructed files. For example, a malformed .m3u playlist file, hosted on a web site, would be automatically downloaded and opened in Winamp without any user interaction. The vulnerability, discovered by pen testers at Security-Assessment.com, arises from a buffer overflow in library file (called IN_CDDA.dll) used by Winamp.
The vulnerability has been reported in version 5.05 and confirmed in version 5.06. Prior versions might also be affected, security firm Secunia warns. A proof of concept exploit was released yesterday by security outfit K-OTik. K-otik advises users to uninstall Winamp or at the very least disassociate .cda and .m3u extensions from Winamp until the bug is fixed. ®
Related stories
AOL axes Nullsoft - whither Winamp, Shoutcast?
WinAmp flayed by skins attack
XP audio vuln shout goes out
Related links
Security-Assessment.com's advisory (PDF)
An Improved Architecture for High-Efficiency, High-Density Data Centers [WP126]
Implementing Energy Efficient Data Centers [WP114]
Blind SQL Injection [3-2APYM5E]
The Evolving Security Landscape
The Register Guide to Extended Validation
Inmate hacked prison network, broke into employee database
Miscreants hijacking machines via (freshly patched) Adobe flaw
Martial law planned for Craigslist's red-light district
Cocaine addicted IT manager hacks ex-employer's mail servers