exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

oddsock.txt

oddsock.txt
Posted Jul 17, 2002
Authored by Lucas Lundgren | Site outpost24.com

Outpost24 Advisory - The Oddsock Playlist Generator v2.1 contains multiple buffer overflow vulnerabilities which result in a denial of service against the winamp/shoutcast service.

tags | denial of service, overflow, vulnerability
SHA-256 | 90c57c359b6bdbc11c79f220a2fbf14980057252f61933fa10f8406116cc4f9f

oddsock.txt

Change Mirror Download
                                   Outpost24 Advisory
www.outpost24.com


Advisory Name: Oddsock PlaylistGenerator Multiple BufferOverlow vulnerability
Release date: 15/07-02
Software : Song Requester Version : 2.1
Platform: Windows NT/XP/95/98/2000
Severity: DoS Vulnerability, that terminates Winamp, and restart
Author: Lucas Lundgren (ll@outpost24.com)
Vedor Status: No response


Summary:

Oddsock Playlist generator is used by Radio DJs to allow listeners to
choose a song to play from the Winamp Playlist.Song Requester Version
2.1 contains multiple buffer overflows, which will result in a DoS
attack against the Winamp/Shoutcast service.

The DJ will have to restart Winamp in order to make it work again. There
are two major kinds of DoS attacks against this software: the first will
display an error message, and inform the user that a logfile has been
created. The second attack closes down Winamp and restores the
playlist from the previous state, so that any newly added songs will not
be displayed in the playlist.It also restores the admin password to what
is was previously, if it has been changed without restarting Winamp.

Technical Details:

By parsing long names or characters to the CGI files in the Song
Requester, a DoS is avalible, closing down Winamp and / or leaving a
error log. You could try to parse

http://<musicserver>/request.cgi?listpos=9999999999999999999999999999
(9x256)

This will cause Winamp to crash, and makes Dr Watson dump a logfile.
If you parse:

http://<musicserver>/request.cgi?psearch=999999999999999999999999999999
(9x254)

Winamp will die without any error messages.

Oddsock overflows the playlist and crashes the Winamp player. If you
want to check it out, please look at Dr Watson logs for more details.
All the CGI files in Song Requester are vulnerable to DoS attacks, even
the 'admin.cgi'. Please note that the password you type in is in clear
text; no asterix signs replace the characters.

Outpost24
Contact: Lucas Lundgren (ll@outpost24.com)
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close