Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Icecast
(Icecast)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 14 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-05-10 | CVE-2004-2027 | Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a long Basic Authorization header that triggers an out-of-bounds read. | Icecast | N/A | ||
| 2004-12-31 | CVE-2004-1561 | Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers. | Icecast | N/A | ||
| 2004-10-20 | CVE-2004-0781 | Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast internal web server (icecast-server) 1.3.12 and earlier allows remote attackers to inject arbitrary web script via the UserAgent parameter. | Icecast | N/A | ||
| 2002-12-31 | CVE-2002-1982 | Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote attackers to determine if a directory exists via a .. (dot dot) in the GET request, which returns different error messages depending on whether the directory exists or not. | Icecast | N/A | ||
| 2002-04-22 | CVE-2002-0177 | Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client. | Icecast | N/A | ||
| 2001-03-13 | CVE-2001-1230 | Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. | Icecast | N/A | ||
| 2001-03-12 | CVE-2001-1229 | Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. | Icecast, Libshout | N/A | ||
| 2001-06-26 | CVE-2001-1083 | Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash). | Icecast | N/A | ||
| 2001-10-18 | CVE-2001-0784 | Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters. | Icecast | N/A | ||
| 2001-03-26 | CVE-2001-0197 | Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands. | Icecast, Linux | N/A |