Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Winamp 5.12 - 0day exploit - code execution through playlist

from [Chris Wysopal] Network Security [Permanent Link]
Subject: Re: Winamp 5.12 - 0day exploit - code execution through playlist
Date: Mon, 30 Jan 2006 14:20:37 -0500 (EST) 

You can disable auto launching Winamp for playlist files as a workaround.

For Firefox, go to Tools / Options settings, click on Download icon, then
click on View & Edit Actions...  Scroll down to M3U extension and then
push the Remove Action button.  Firefox will no longer automatically
launch firefox for Winamp playlist files.

It is a good idea in general for attack surface reduction to trim down the
View & Edit actions to just the ones you need. Do you really need AIFF and
AU autolaunching for instance?  What about all those Quicktime and Acrobat
formats? Looks like a lot of unnecessary attack surface to me.

For IE you need to disable the file type in Windows Explorer.  Go to Tools
/ Folder Options / File Types.  Scroll down to the file extension you want
to change. In this case its M3U. Check Confirm after download.  You will
be prompted to launch WinAmp if a M3U file is downloaded.  You can remove
the file type completely but that will also remove the ability to
double-click to launch playlists from the Windows shell.

You may want to go through this list and check confirm after download for
many file types.  It would be nice if more vendors installed their file
types with this option in place.

-Chris
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ MDKSA-2006:026 ] - Updated bzip2 packages fix bzgrep vulnerabilities, security
Next by Date:  New worm crawling trough blogs?!, blog . worm
Previous by Thread:  Winamp 5.12 - 0day exploit - code execution through playlist, Process
Next by Thread:  Re: Re: Winamp 5.12 - 0day exploit - code execution through playlist, Juha-Matti Laurio
Indexes:  [Date] [Thread] [Top] [All Lists]