Oddsock Song Requester Playlist Generator for Winamp Has Buffer Overflows Let Remote Users Crash the Winamp Media Server
SecurityTracker Alert ID: 1004787|
SecurityTracker URL: http://securitytracker.com/id/1004787
(Links to External Site)
Date: Jul 17 2002
Denial of service via network|
Exploit Included: Yes |
Buffer overflow vulnerabilities were reported in the Oddsock Song Requester Winamp plugin. A remote user can cause the Winamp media server to crash.|
Outpost24 Security reported several buffer overflow vulnerabilities that allow a remote user to cause denial of service conditions. A remote user can cause the Winamp media service to crash, requiring a restart to return to normal operations.
The vulnerability reportedly exists in the parsing of long names or character strings. Successful exploitation may cause Winamp to shut down. Two demonstration exploit URLs are provided:
Both URLs will cause Winamp to crash, but the second will cause Winamp to crash without generating any error messages.
According to the report, all the Song Requester CGI files are vulnerable, including the 'admin.cgi' script.
The vendor has reportedly been notified.
See the original Outpost24 advisory at:
A remote user can cause the Winamp server to crash, requiring a manual restart to return to normal operations.|
No solution was available at the time of this entry.|
Vendor URL: www.oddsock.org/tools/gen_songrequester/ (Links to External Site)
Source Message Contents
Subject: Outpost24 Advisory: Oddsock PlaylistGenerator Multiple|
Advisory Name: Oddsock PlaylistGenerator Multiple
Release date: 15/07-02
Software : Song Requester Version : 2.1
Platform: Windows NT/XP/95/98/2000
Severity: DoS Vulnerability, that terminates Winamp,
Author: Lucas Lundgren (firstname.lastname@example.org)
Vedor Status: No response
Oddsock Playlist generator is used by Radio DJs to
allow listeners to choose a song to play from the
Winamp Playlist.Song Requester Version
2.1 contains multiple buffer overflows, which will
result in a DoS attack against the Winamp/Shoutcast
service. The DJ will have to restart Winamp in order to
make it work again.
There are two major kinds of DoS attacks against this
software: the first will display an error message, and
inform the user that a logfile has been created. The
second attack closes down Winamp and restores the
playlist from the previous state, so that any newly
added songs will not be displayed in the playlist.It
also restores the admin password to what
is was previously, if it has been changed without
By parsing long names or characters to the CGI files in
the Song Requester, a DoS is avalible, closing down
Winamp and / or leaving a error log. You could try to
This will cause Winamp to crash, and makes Dr Watson
dump a logfile.
But if you parse:
Winamp will die without any error messages.
Oddsock overflows the playlist and crashes the Winamp
player. If you want to check it out, please look at Dr
Watson logs for more details. All the CGI files in
Song Requester are vulnerable to DoS attacks, even
the 'admin.cgi'. Please note that the password you type
in is in clear text; no asterix signs replace the
Contact: Lucas Lundgren (email@example.com)