- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: C* music player: Insecure temporary file usage
Date: September 09, 2009
Bugs: #250474
ID: 200909-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
execution of arbitrary code.
Background
==========
Amarok is an advanced music player.
Affected packages
=================
-------------------------------------------------------------------
[~] Step 5: Click On Add Music And Select The php file ( If you can
see php file in the upload window type *.* in the file name )
[~] Step 6: And Click on save music to playlist
[~] Step 7: You Will See the Music Player Move the Cursor on the php
filename and copy the link of the shell.
Generally it will be:
http://www.xxx.com/public/music_song/1000000/[numbers]/[user_id]/[some_numbers].php
#!/usr/bin/perl
# Ostoure sazan sharif
# Home: www.ostoure.com
# Easy Music Player 1.0.0.2 (wav) Universal Local Buffer Exploit (SEH)
# http://www.otbcode.com/downloads/easymusicsetup.exe
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
my $netw0rm=
[*] Greetings to : corelanc0d3r, EdiStrosar, mr_me, ekse, MarkoT, sinn3r
0x01 : Vendor description of software
-------------------------------------
S.O.M.PL. is a Simple Open Music Player that plays mp3 files. This player loads mp3 files and stores them in a playlist. It includes features such as random track selection, track repetition, loading a playlist, and saving a playlist.
0x02 : Vulnerability details
----------------------------
symlink attack.
Background
==========
Amarok is an advanced music player.
Affected packages
=================
-------------------------------------------------------------------