Get our new Windows 7 eBook (PDF) for $7 with 70+ Tips. Download Now!

SHOUTcast Filename Format String Vulnerability

Sunday, December 26th, 2004
by Marc Erickson

No Related Post

Secunia Advisory: SA13661

Critical: Highly critical

Impact: System access

Where: From remote

Solution Status: Unpatched

Software: SHOUTcast 1.x

Tomasz Trojanowski and Damian Put have discovered a vulnerability in SHOUTcast, which potentially can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is cause due to a format string error in the URL handling within the processing of requested filenames. This can be exploited to execute arbitrary code by sending a specially crafted HTTP request containing format specifiers.

The vulnerability has been confirmed in SHOUTcast DNAS/Linux version 1.9.4. Other versions may also be affected.

Solution: Restrict access or use another product.

Tags

Categories

Linux

What Do You Think?

Posted Recently

Chrome OS Security The Winner?

Free Netbooks From Google?

Another Naysayer Gets It Half Wrong

Ba Ba BaShare Is Not For Sheep

GnoMenu Brings Menu Control To GNOME Users

Better MP3 Players Than The iPod?

Source Code Released - Google Chromium OS

To GIMP Or Not To GIMP

Banshee Gets New Features

SourceForge To GeekNet - Let The Confusion Commence

Weirdest Mouse Ever Built?

Is Windows 7 Really Easier To Install?

Could Skype Really Go Open Source

Microsoft Linux?

Ubuntu Five Years Later

Seeking Linux Support Over VoIP

Citibank Lives In The Past

Is Ubuntu The Defacto Windows 7 Alternative?

Adobe Likes What Now?

Is Linux It’s Own Worst Enemy?

IBM Ready To Make Ubuntu Your Default Desktop?

Red Hat Out Does Microsoft Stock Price

OpenShot Video Editor Continues To Blow Me Away

Remembering Mandriva

Eeebuntu Goes Debian

Guitarix Gives JACK Some Rock

Linux Foundation Membership Keeps On Giving

Ghosting With Clonezilla

Does Linux Attract Trolls?

WINE Is Always Better Aged

Open Source That Soda Son

Linux Audio - A History

Which Distro Has The Most Users?

Interview With Pulseaudio Creator

WebcamStudio For Desktop Broadcasting

Best Notebook For Running Linux

London’s Stock Exchange Joins NY’s With Linux

Dual Booting With Common Sense

A Friendly Reminder - Wait Before Upgrading

I Love Me Some Ear Candy!

35 queries / 0.357 seconds.