ID CVE-2001-1229
Summary Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.
References
Vulnerable Configurations
  • cpe:2.3:a:icecast:icecast:1.3.9
    cpe:2.3:a:icecast:icecast:1.3.9
  • cpe:2.3:a:libshout:libshout:1.0.4
    cpe:2.3:a:libshout:libshout:1.0.4
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Web Servers
    NASL id ICECAST_LIBSHOUT_BOF.NASL
    description The remote server runs a version of Icecast, an open source streaming audio server, which is older than version 1.3.9. Icecast and the libshout library are affected by a remote buffer overflow because they do not properly check bounds of data send from clients. As a result of this vulnerability, it is possible for a remote attacker to cause a stack overflow and then execute arbitrary code with the privilege of the server. *** Nessus reports this vulnerability using only *** information that was gathered.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 15398
    published 2004-10-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15398
    title Icecast / libshout Multiple Remote Overflows
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_5E92E8A25D7B11D880E30020ED76EF5A.NASL
    description icecast 1.3.11 and earlier contained numerous security vulnerabilities, the most severe allowing a remote attacker to execute arbitrary code as root.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 18950
    published 2005-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18950
    title FreeBSD : icecast 1.x multiple vulnerabilities (5e92e8a2-5d7b-11d8-80e3-0020ed76ef5a)
redhat via4
advisories
rhsa
id RHSA-2002:063
refmap via4
bugtraq 20010312 Icecast / Libshout remote vulnerabilities
conectiva CLA-2001:387
confirm http://www.xiph.org/archives/icecast/0074.html
Last major update 17-10-2016 - 22:14
Published 12-03-2001 - 00:00
Back to Top