[] NeoSense
E X P L O I T S
title author type platform port cve id

Oddsock Song Requester 2.1 WinAmp Plugin - Denial of Service

Author: Lucas Lundgren
type: dos
platform: cgi
port: 
date_added: 2002-07-16 
date_updated: 2012-09-30 
verified: 1 
codes: CVE-2002-1028;OSVDB-6769 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/5248/info

A vulnerability has been reported for Oddsock Song Requester 2.1.

The vulnerability occurs when an attacker makes a request to 'request.cgi' using a long value for the 'listpos' parameter. It is possible to cause Song Requester and WinAmp to crash. As this condition may be due to a buffer overflow, code execution should be considered a possibility.

Note: it was reported that the value for the 'psearch' parameter also causes a crash, however this could not be reproduced by SecurityFocus.

http://<musicserver>/request.cgi?listpos=999...999(9x256)
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.