Winamp Web Interface Multiple Remote Vulnerabilities
BID:21539
Info
| Bugtraq ID: | 21539 |
| Class: | Unknown |
| CVE: | CVE-2006-6513 CVE-2006-6514 CVE-2006-6539 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 11 2006 12:00AM |
| Updated: | Jul 06 2016 02:40PM |
| Credit: | Luigi Auriemma is credited with the discovery of these vulnerabilities. |
| Vulnerable: | flippet.org Winamp Web Interface 7.5.13 |
| Not Vulnerable: | |
Discussion
Winamp Web Interface is prone to multiple remote vulnerabilities. These issues include:
- Buffer-overflow issues
- A directory-traversal issue
- An arbitrary file-download issue
- A denial-of-service issue
- An information-disclosure issue
An attacker can exploit these issues to execute arbitrary code within the context of the affected application, crash the affected application, deny service to legitimate users, download arbitrary files, and obtain sensitive information. Other attacks are also possible.
Winamp Web Interface 7.5.13 and prior versions are vulnerable to these issues.
Exploit / POC
Attackers can exploit these issues via a web client.
The following proofs of concept are available:
Buffer-overflow vulnerabilities:
http://www.example.com/browse then insert a username longer than 100 chars
http://www.example.com/dl?file=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Directory-traversal:
http://www.example.com/browse?path=%2f..%2f..%2f
Arbitrary file-download vulnerability:
http://www.example.com/dl?file=\file.txt.
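A request screen for the patterns listed above, for use in log review or in front of the interface; this is an added example, not part of the original advisory or the vendor's code. The function name, finding labels and the 100-character limit applied to query parameters are assumptions of this example (the advisory states a limit only for the username), and the sample requests are constructed.

```python
from urllib.parse import parse_qs, unquote, urlsplit

MAX_USERNAME_LEN = 100  # from the advisory: usernames longer than 100 chars
MAX_PARAM_LEN = 100     # assumption: the advisory gives no limit for "file"


def classify_request(url, username=None):
    """Return sorted finding labels for one request (labels are this example's own)."""
    findings = set()
    if username is not None and len(username) > MAX_USERNAME_LEN:
        findings.add("overlong-username")
    parts = urlsplit(url)
    # keep_blank_values so empty parameters are still inspected
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        for value in values:
            # parse_qs decodes once; decode again to catch double-encoded input
            decoded = unquote(value)
            # treat backslash as a path separator, as Windows file APIs do
            segments = decoded.replace("\\", "/").split("/")
            if len(decoded) > MAX_PARAM_LEN:
                findings.add("overlong-parameter")
            if parts.path == "/browse" and name == "path" and ".." in segments:
                findings.add("directory-traversal")
            if parts.path == "/dl" and name == "file" and (
                decoded.startswith(("/", "\\")) or ".." in segments
            ):
                findings.add("file-path-escape")
    return sorted(findings)


# Constructed sample requests modelled on the request shapes in this advisory.
SAMPLES = [
    ("http://www.example.com/browse?path=%2f..%2f..%2f", None),
    ("http://www.example.com/dl?file=" + "a" * 260, None),
    ("http://www.example.com/dl?file=\\file.txt.", None),
    ("http://www.example.com/browse", "u" * 101),
    ("http://www.example.com/dl?file=song.mp3", "listener"),
]

if __name__ == "__main__":
    for url, user in SAMPLES:
        print(classify_request(url, user) or ["clean"], url[:60])
```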
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- Winamp Web Interface Home Page (flippet.org)
- Multiple vulnerabilities in Winamp Web Interface 7.5.13 (Luigi Auriemma)