[vlc] Re: Very strange/suspicious VLC-related behavior
Rémi Denis-Courmont
rem at videolan.org
Tue Apr 10 09:59:33 CEST 2007
Le mardi 10 avril 2007 10:38, Ross Finlayson a écrit :
> Has anyone else seen anything like this?
Not me.
> Is this an indication of a security hole in VLC?
Probably. But might well be an abuse of the "well-known" movement
vectors overflow in libmpeg2 (Meuuh posted some infos about this after
Sam unleashed zzuf).
In any case, it looks very bad. Yet, if you trust the data source, this
looks pretty weird. Did you enable any networked plugin in VLC (service
discovery, remote interface, etc.) ? What does netstat say?
> (Is there anything in the VLC code that can allow files to be
> renamed?)
Sort of, unfortunately, yes. The HTTP access code renames playlist items
when following redirections, for instance. Still, if you were playing a
file locally...
--
Rémi Denis-Courmont
http://www.remlab.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://mailman.videolan.org/pipermail/vlc/attachments/20070410/278c1ff4/attachment.sig>
More information about the vlc
mailing list