Oddsock Song Requester Playlist Generator for Winamp Has Buffer Overflows Let Remote Users Crash the Winamp Media Server
SecurityTracker Alert ID: 1004787
CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)
Date: Jul 17 2002
Impact: Denial of service via network
Exploit Included: Yes
Version(s): 2.1
Description: Buffer overflow vulnerabilities were reported in the Oddsock Song Requester Winamp plugin. A remote user can cause the Winamp media server to crash.
Outpost24 Security reported several buffer overflow vulnerabilities that allow a remote user to cause denial of service conditions. A remote user can cause the Winamp media service to crash, requiring a restart to return to normal operations.
The vulnerability reportedly exists in the parsing of long names or character strings. Successful exploitation may cause Winamp to shut down. Two demonstration exploit URLs are provided:
http://<musicserver>/request.cgi?listpos=9999999999999999999999999999
(9x256)
http://<musicserver>/request.cgi?psearch=999 999999999999999999999999999
(9x254)
Both URLs will cause Winamp to crash, but the second will cause Winamp to crash without generating any error messages.
According to the report, all the Song Requester CGI files are vulnerable, including the 'admin.cgi' script.
The vendor has reportedly been notified.
See the original Outpost24 advisory at:
http://www.outpost24.com/ops/news/260&XVCLANGUAGEID=
Impact: A remote user can cause the Winamp server to crash, requiring a manual restart to return to normal operations.
Solution: No solution was available at the time of this entry.
Vendor URL:
www.oddsock.org/tools/gen_songrequester/ (Links to External Site)
Cause: Boundary error
Reported By: Lucas Lundgren <ll@outpost24.com>
Message History: None.
http://www.securitytracker.com/alerts/2 ... 04787.html
I hope it is fixed in the current one..
Login
Register
FAQ
Search
