Oddsock Song Requester 2.1 - WinAmp Plugin Denial of Service Vulnerability

ID EDB-ID:21620
Type exploitdb
Reporter Lucas Lundgren
Modified 2002-07-16T00:00:00


Oddsock Song Requester 2.1 WinAmp Plugin Denial Of Service Vulnerability. CVE-2002-1028. Dos exploit for cgi platform

                                            source: http://www.securityfocus.com/bid/5248/info

A vulnerability has been reported for Oddsock Song Requester 2.1.

The vulnerability occurs when an attacker makes a request to 'request.cgi' using a long value for the 'listpos' parameter. It is possible to cause Song Requester and WinAmp to crash. As this condition may be due to a buffer overflow, code execution should be considered a possibility.

Note: it was reported that the value for the 'psearch' parameter also causes a crash, however this could not be reproduced by SecurityFocus.