Full Disclosure mailing list archives

Re: [Exploit] Winamp 5.x/3.x Skin File Remote Code Execution Exploit (0day)

From: No Reply <noreply () pewp hack se>
Date: Tue, 31 Aug 2004 08:16:00 +0200

Hi!

Anyone successfully exploited this vulnerability on a machine withService Pack 2?

I played around a little bit with it yesterday but didnt get it to work.

//David


K-OTik Security Survey wrote:

----------------------------------------------------------------------

                     K-OTiK Security / Exploits

----------------------------------------------------------------------

 2002-2004 K-OTiK.COM © Threat and Security Survey 24h/24 and 7j/7

          Backend/XML/RSS - http://www.k-otik.com/rss

----------------------------------------------------------------------



25.08.2004 : Winamp 5.x/3.x Skin File Remote Code Execution Exploit

-----------



K-OTik Security has received since July 22nd several reports from

users who were hacked on IRC. This 0day attack had been used to spread

spyware and trojans, infecting a computer after the victim clicked on

a fake winamp skin web link.



We confirmed this flaw on fully patched systems running the latest

version of Winamp, and reported today this flaw/exploit to avers.



we decided today to make this exploit "public". There is no patch for

this vulnerability -> do NOT use Winamp.



http://www.k-otik.com/exploits/08252004.skinhead.php



----------------------------------------------------------------------

----------------------------------------------------------------------


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: [Exploit] Winamp 5.x/3.x Skin File Remote Code Execution Exploit (0day) No Reply (Aug 31)