[icecast] Winamp security hole
eviloverlord at kucs.net
Mon Apr 5 15:14:30 PDT 2004
Hello, some of you might consider this to be OT but I think it's
important enough to warrant telling people.
" A "highly critical" hole in one of the most-used pieces of software
in the world means that audio files will be music to hackers' ears.
The ubiquitous WinAmp program - used to play a huge range of media
files - can provide someone with system access simply by getting
someone to visit a malicious website. It all has to do with how the
software loads Fasttracker 2 ".xm" media files. "
The fix is to get Winamp 5.03.
If like me you can't bear the idea of leaving 2.x behind:
1. Right click the Winamp player, go to 'Options' and then to
2. In the new window which loads, go to 'Plug-ins' and 'Input'.
3. Look for the input plug-in items 'Nullsoft Module Decoder' and double
click it to bring up the 'Nullsoft Module Decoder Preferences' window.
4. Select the 'Fasttracker 2' loader and deselect the 'Enabled' checkbox to
the right of the loaders list.
5. Close all of the option windows and return to the main player.
--- >8 ----
List archives: http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to 'icecast-request at xiph.org'
containing only the word 'unsubscribe' in the body. No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.
More information about the Icecast