Bugtraq mailing list archives
Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd)
From: "Hacknisty" <hacknisty () snscrew net>
Date: Mon, 23 Dec 2002 10:15:18 +0100
this vulnerability is explained on winamp site : http://www.winamp.com/news.jhtml;$sessionid$TLOSMMSIHA3UZTN24UYBCZQ?articlei d=9680 ----- Original Message ----- From: "Russell Garrett" <rg () tcslon com> To: "David Howe" <DaveHowe () gmx co uk> Sent: Thursday, December 19, 2002 10:58 PM Subject: RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd)
This is an MD5 of a verified patched winamp 2.81, downloaded from Nullsoft's internal tester site: C:\>md5 winamp281_full.exe 353709951105A4671F457051157991C9-----Original Message----- From: David Howe [mailto:DaveHowe () gmx co uk] Sent: 19 December 2002 17:49 To: Email List: BugTraq Subject: Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) at Thursday, December 19, 2002 12:31 AM, Dave Ahmad <da () securityfocus com> was seen to say:Solution: For Winamp 2.81 users We recommend either upgrading to Winamp 3.0 or redownloading Winamp 2.81 (which has since been fixed) from: http://www.winamp.comDoes anyone have a more direct URL or a MD5 hash of the "safe" file? the current download of 2.81 is still dated Aug 21 and the current 3.0 dated 8 Aug (on the site - haven't downloaded 3.0. but the internal date on 2.81 is definitely the 21st) There is also *nothing* about this on the winamp site - its as if it didn't exist.--------------------------------------------------------------------------
--
Russ Garrett
russ () garrett co uk.
http://russ.garrett.co.uk.
Current thread:
- Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Dave Ahmad (Dec 18)
- Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) David Howe (Dec 19)
- RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Richard Stanway (Dec 21)
- RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Russell Garrett (Dec 21)
- Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) Hacknisty (Dec 23)
- Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) David Howe (Dec 19)