Bugtraq mailing list archives
RE: Foundstone Research Labs Advisory - Multiple Exploitable Buff er Overflows in Winamp (fwd)
From: "Shutters, Mike" <mshutters () titan com>
Date: Thu, 19 Dec 2002 20:17:23 -0500
I went ahead and installed the latest 2.81, even though it was dated as you said. After the install I found a file in the Plugins directory named IN_MP3.DLL, which is 132K in size and dated December 16, 2002, 1:55 PM. Perhaps this is the file which created the fix. Unfortunately, I didn't check the directory contents prior to updating from 2.80. Mike
-----Original Message----- From: David Howe [SMTP:DaveHowe () gmx co uk] Sent: Thursday, December 19, 2002 9:49 AM To: Email List: BugTraq Subject: Re: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) at Thursday, December 19, 2002 12:31 AM, Dave Ahmad <da () securityfocus com> was seen to say:Solution: For Winamp 2.81 users We recommend either upgrading to Winamp 3.0 or redownloading Winamp 2.81 (which has since been fixed) from: http://www.winamp.comDoes anyone have a more direct URL or a MD5 hash of the "safe" file? the current download of 2.81 is still dated Aug 21 and the current 3.0 dated 8 Aug (on the site - haven't downloaded 3.0. but the internal date on 2.81 is definitely the 21st) There is also *nothing* about this on the winamp site - its as if it didn't exist.
Current thread:
- RE: Foundstone Research Labs Advisory - Multiple Exploitable Buff er Overflows in Winamp (fwd) Shutters, Mike (Dec 20)