|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Weiss, Bill (bill_weiss
ATT.NET)Date: Mon Apr 02 2001 - 11:22:05 CDT
Josh Merchant(merchantjoshQWEST.NET)Sun, Apr 01, 2001 at 12:39:55PM -0500:
> > Hi all,
> >
> > I have written a full disclosure buffer overflow
> > exploit for the winamp 2.63 buffer overflow found in
> > the M3U file parser...
>
> [Snip]
>
> Correct me if I'm wrong, but wasn't this issue already discussed back in
> July of 2000? I (admittedly) do not understand all the nuances of a buffer
> overflow, but it seems to me that the posting
>
> http://www.securityfocus.com/archive/1/70933
>
> from the Bugtraq archives deal with the exact same issue.
>
> Also, after checking the whatsnew.txt for Winamp, this security hole was
> patched in version 2.65
>
Just thought I'd throw in what the WinAMP whatsnew.txt says.
Winamp 2.65:
* fix to ex-m3u bug/security hole
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]