[icecast] Winamp security hole

EvilOverlord eviloverlord at kucs.net
Mon Apr 5 15:14:30 PDT 2004



Hello, some of you might consider this to be OT but I think it's 
important enough to warrant telling people.

  " A "highly critical" hole in one of the most-used pieces of software
  in the world means that audio files will be music to hackers' ears.

  The ubiquitous WinAmp program - used to play a huge range of media
  files - can provide someone with system access simply by getting
  someone to visit a malicious website. It all has to do with how the
  software loads Fasttracker 2 ".xm" media files. "

http://www.techworld.com/security/news/index.cfm?NewsID=1343

The fix is to get Winamp 5.03.

If like me you can't bear the idea of leaving 2.x behind:

1. Right click the Winamp player, go to 'Options' and then to
'Preferences...'.

2. In the new window which loads, go to 'Plug-ins' and 'Input'.

3. Look for the input plug-in items 'Nullsoft Module Decoder' and double
click it to bring up the 'Nullsoft Module Decoder Preferences' window.

4. Select the 'Fasttracker 2' loader and deselect the 'Enabled' checkbox to
the right of the loaders list.

5. Close all of the option windows and return to the main player.

<p>Stephen
KUCS.net
--- >8 ----
List archives:  http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to 'icecast-request at xiph.org'
containing only the word 'unsubscribe' in the body.  No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.



More information about the Icecast mailing list