|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: ByteRage (byterage
YAHOO.COM)Date: Wed Apr 04 2001 - 04:40:01 CDT
I would like to note that winamp was patched against
this bug as of version 2.65, meaning that all versions
>2.64 aren't bugged, with going wacko I just mean that
fe version 2.73 seems to be loosing its mind ... :)
(buffer overflow condition doesn't take place)
However the exploit works on versions
2.64/2.63/2.62/2.61/2.60
Winamp 2.5E (I think this is the version right before
2.60) also contains the buffer overflow, but the
exploit doesn't work because parts of the shellcode
are smashed, resulting in a crash...
I havent tested the exploit on versions <2.5E, however
it's pretty likely that if 2.5E doesnt work,
2.50/2.5A/2.5B/2.5C & 2.5D won't work either (I havent
tested this, as I couldnt get my hands on these rather
old versions)
Versions <2.5 can not be affected with the bug, as
they don't have M3U parsing
I hope this cleared things up a bit...
greetz,
[ByteRage]
__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]