Re: Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched]

[K-OTiK Security <Special-Alerts () k-otik com>]

In-Reply-To: <BAY101-F277D543B4547323CCB31D8A9BA0 () phx gbl>


Winamp 5.06 is also vulnerable and exploitable...thus this flaw is still unpatched.

you can test it using this code :
http://www.k-otik.com/exploits/20041124.winampm3u.c.php

Regards
K-OTik Security Research & Monitoring Team 24/7
http://www.k-otik.com


> Dear Brett
>
> I've noticed that you say this is for version 5.05. Just looked at Winamp's 
> site, and they have a 5.06 version out. Is this one vunerable as well?
>
> Kind Regards
>
> Alex Cottle
>
>
> > From: "Brett Moore" <brett.moore () security-assessment com>
> > Reply-To: <brett.moore () security-assessment com>
> > To: "Bugtraq@Securityfocus. Com" <bugtraq () securityfocus com>
> > Subject: Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched]
> > Date: Wed, 24 Nov 2004 16:05:46 +1300
> >
> > ========================================================================
> > = Winamp - Buffer Overflow In IN_CDDA.dll
> > =
> > = Affected Software:
> > =       Winamp 5.05, 5.06
> > =
> > = Public disclosure on November 24, 2004
> > ========================================================================
> >
> > == Overview ==
> >
> > Hate to be the bearer of bad news.
> >
> > It appears that the 'patched' version 5.05 does NOT fix the buffer overflow
> > issue that we notified Nullsoft about. This is obviously not good.
> >
> > As we wrote in our advisory we were notified by email that the issue had
> > been fixed and an update posted to the website.
> >
> > We have sent Nullsoft a copy of this email, and hope that they can remedy
> > this problem quickly. Unfortunately, this may not be the case as was
> > pointed out to me by somebody.
> >
> > == Solutions ==
> >
> > - Disassociate .cda and .m3u extensions from winamp
> > - Wait for an update
> >
> > Brett Moore
> > Network Intrusion Specialist, CTO
> > Security-Assessment.com
> >
> >
> > ######################################################################
> > CONFIDENTIALITY NOTICE:
> >
> > This message and any attachment(s) are confidential and proprietary.
> > They may also be privileged or otherwise protected from disclosure. If
> > you are not the intended recipient, advise the sender and delete this
> > message and any attachment from your system. If you are not the
> > intended recipient, you are not authorised to use or copy this message
> > or attachment or disclose the contents to any other person. Views
> > expressed are not necessarily endorsed by Security-Assessment.com
> > Limited. Please note that this communication does not designate an
> > information system for the purposes of the New Zealand Electronic
> > Transactions Act 2003.
> > ######################################################################