Winamp and Shoutcast vulnerabilities



In the last several days there have been a couple vulnerabilities disclosed that I should cover. The first up is related to Winamp. Version 5.12 is vulnerable to a problem with the way it handles .pls (playlist) files. This could allow very bad things with a specially crafted pls file. There were some workarounds mentioned, however all those workarounds can be subverted. There is a new release available http://www.winamp.com/player/.


The Security Fix lent some coverage to this yesterday. The way Winamp associates itself with playlist files under windows, explorer would likely automatically open any .pls file with winamp (if installed) and … game over. So, if you have Winamp installed, update it. Exploit in the wild….

There was also a Shoutcast vulnerability (getting problems at both ends today in online audio eh?) the vulnerability itself is old Secunia reported it in December of 2004. However, an exploit has been found in the wild. The vulnerability affects Shoutcast v. 1.9.4 and earlier. 1.9.5 fixes the issue. Apparently quite a few folks have stuck with older versions. It’s (past) time to update.

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove ActiveSecurity | Active Security Removal Guide ActiveSecurity is a rogue antivirus application that uses graphics to indicate a similarity with Microsoft Security Center. It installs via malware including trojans and brings several files along with it when it installs that it then claims are viral and that in order to clean up the mess the user......
  • Microsoft releases official VML patch!! The big news this afternoon is that Microsoft HAS gone out of the routine patch cycle to release a security fix for the VML vulnerability that's been actively exploited in recent days for everything from sneak keylogger installs to massive spyware installs. Sans has a few links, if you de-registered......
  • If the cumulitive IE patch fails to install This is related to MS05-054... According to Incidents.org it's possible that this will not install (user submission of this). They also have a user submitted workaround... Shinil Hong of SUNY Buffalo has sent us his analysis of problems encountered with the installation of MS05-054. Here's what Shinil found out: The......
Blog Traffic Exchange Related Websites
  • Why You Need a Good Home Security System There are many unexpected things which can happen these days. The world can seem pretty cruel at times. This is when you want to be able to come home and feel safe. After all, your home is a place where you want to be able to feel your best......
  • My Take: H&R Block Tax Cut In the interests of full-disclosure, I purchased H&R Block Tax Cut before signing up for affiliate ads.  We're filing our taxes ourselves this year and decided to get tax software. We don't believe our filing will be complicated, but between the move and some other changes, we wanted a program to......
  • Ten Steps To Become a Linux/Unix Geek Until recently, Linux/Unix was considered OS of the geeks. However, with GUI and more desktop Linux distributions, things have simplified on both Linux and Unix. Still you can geek out with Unix/Linux using its terminal. Just follow the steps below to master the terminal. 1. Never used Linux! Get Ubuntu......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site