INTERACT FORUM

Please login or register.

Login with username, password and session length
Advanced search  
Pages: [1]   Go Down

Author Topic: OT:Winamp 2.91-5.02 has security vulnerability  (Read 1329 times)

Ton

  • Regular Member
  • World Citizen
  • ***
  • Posts: 237
  • nothing more to say...
OT:Winamp 2.91-5.02 has security vulnerability
« on: April 05, 2004, 04:01:07 pm »

Maybe this is old news but anyway I would like to pass on a warning I just got by email from a (dutch governmental) warning service which I am subscribed to, because it is not quite impossible that some MC users (still) have Winamp installed.
I was told that all but the latest (5.03) versions of Winamp appear to have a security vulnerability and that it is strongly advised to install the newest version 5.03.
The message is too long to translate completely here, but the above is the essence.
If it's old news I am sorry to repeat it.
Logged

xen-uno

  • Regular Member
  • Citizen of the Universe
  • *****
  • Posts: 2489
  • Checking your hard disk for errors...
Re:OT:Winamp 2.91-5.02 has security vulnerability
« Reply #1 on: April 05, 2004, 04:12:15 pm »

I really doubt there's anything to this WA security scare. I have WA 2.91 installed and to date, have never heard anything about this anywhere. It could be along the lines of these bogus Microsoft Security Update e-mails I've been getting (one said attached file contained all security updates up to June 1995).

10-27

Matt

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 42389
  • Shoes gone again!
Re:OT:Winamp 2.91-5.02 has security vulnerability
« Reply #2 on: April 05, 2004, 04:24:35 pm »

one said attached file contained all security updates up to June 1995

Sounds handy.  I'd forward it to all your friends :P
Logged
Matt Ashland, JRiver Media Center

Ton

  • Regular Member
  • World Citizen
  • ***
  • Posts: 237
  • nothing more to say...
Re:OT:Winamp 2.91-5.02 has security vulnerability
« Reply #3 on: April 05, 2004, 04:38:45 pm »

I have translated the message and it goes like this:

"In Winamp a serious vulnerability has been detected. Through this hackers are able to completely take control over a computer or start random programs (like viruses and worms). Computer users can be tempted to click on a file that then will be automatically played through Winamp. This file also can be offered through a website. When the webpage is visited then with a browser, Winamp will be started automatically and the malicious program is executed on the visitor's computer.
Possible consequenes: Viruses and worms are executed. Personal data like passwords or creditcardnumbers are stolen. Files are rewritten and are unusable.
The vulnerability is solved in Winamp 5.03 and you are stronly advised to install this version as soon as possible".

Like I said I got it this evening. It was sent by an official dutch governmental service which sends its subscribers email alerts when a serious virus threat or something alike has been detected.
Of course I can't judge if it is really serious.
Logged

Ton

  • Regular Member
  • World Citizen
  • ***
  • Posts: 237
  • nothing more to say...
Re:OT:Winamp 2.91-5.02 has security vulnerability
« Reply #4 on: April 05, 2004, 05:33:35 pm »

I also posted this on the misticriver forum (for iriver enthusiasts) and one of the forummembers there found this link:
http://slashdot.org/articles/04/04/05/2033235.shtml?tid=126&tid=141&tid=172&tid=188
Seems that it is true.
Logged
Pages: [1]   Go Up