Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:3088 |
| Message | WEB-CLIENT winamp .cda file name overflow attempt |
| Summary | This event is generated when an attempt is made to exploit a client buffer overflow associated with Winamp's processing of a filename with an extension of .cda. |
| Impact | A successful attack may permit a buffer overflow that allows the execution of arbitrary code at the privilege level of the user running Winamp. |
| Detailed Information | Winamp is a media file player for Windows developed by Nullsoft. A buffer overflow exists because of insufficient bounds checking while handling the name of a CD audio format file (.cda extension) or a playlist that contains a filename with a .cda extension. An overly long name may cause the buffer overflow permitting the execution of arbitrary code at the privilege level of the user running Winamp. |
| Affected Systems | Winamp 3.x, and 5.x |
| Attack Scenarios | An attacker can create and send a malformed .cda filename that may cause a buffer overflow and the subsequent execution of arbitrary code on the vulnerable host. |
| Ease of Attack | Simple. |
| Corrective Action | Upgrade to the latest non-affected version of the software. |
| Additional References | |
| Rule References | bugtraq: 11730 cve: 2004-1119 nessus: 15817 |
--
DID:512167
--
http://www.aanval.com/