Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.5
CVE Id CVE-2008-3441
Last Modified 13 Aug 2012 10:46:05
Published 01 Aug 2008 10:41:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3441

Summary

Nullsoft Winamp before 5.24 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.

Vulnerable Systems

Application

  • Nullsoft Winamp 5.0

  • Nullsoft Winamp 5.01

  • Nullsoft Winamp 5.02

  • Nullsoft Winamp 5.03

  • Nullsoft Winamp 5.04

  • Nullsoft Winamp 5.05

  • Nullsoft Winamp 5.06

  • Nullsoft Winamp 5.07

  • Nullsoft Winamp 5.08

  • Nullsoft Winamp 5.09

  • Nullsoft Winamp 5.091

  • Nullsoft Winamp 5.093

  • Nullsoft Winamp 5.094

  • Nullsoft Winamp 5.1

  • Nullsoft Winamp 5.11

  • Nullsoft Winamp 5.111

  • Nullsoft Winamp 5.112

  • Nullsoft Winamp 5.12

  • Nullsoft Winamp 5.13

  • Nullsoft Winamp 5.2

  • Nullsoft Winamp 5.21

  • Nullsoft Winamp 5.22

  • Nullsoft Winamp 5.23


References

MISC - http://www.infobyte.com.ar/down/Francisco%20Amato%20-%20evilgrade%20-%20ENG.pdf

SECTRACK - 1020582

FULLDISC - 20080728 Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations


Last Updated: 27 May 2016 10:48:12