Winamp 2.73 buffer overflow

From: ByteRage (byterageat_private)
Date: Sat Apr 28 2001 - 12:30:59 PDT

Next message: Rev. Chris Cappuccio: "Re: Hijack IP Address using cable modem"

Previous message: Michel Arboi: "Re: ssh crc32 exploit on Linux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I recently found a buffer overflow in Winamp 2.73,
it's in the way it parses *.AIP files... These files
are set to download without a download confirmation,
like m3u & pls, so they pose a security threat...
(actually such exploits make winamp a backdoor)
A demonstration of how the EIP can be snatched using
an *.AIP has been attached (I have put the AIP in a
ZIP this time to prevent it from being executed
automatically)
It is pretty likely that all versions of winamp that
have been written until now are affected with the bug.

Yours,

[ByteRage]

__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/

application/x-zip-compressed attachment: SNATCH-EIP-80808080.zip

Next message: Rev. Chris Cappuccio: "Re: Hijack IP Address using cable modem"
Previous message: Michel Arboi: "Re: ssh crc32 exploit on Linux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Apr 28 2001 - 23:35:23 PDT