Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icecast vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-0838
Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow malicious users to cause a denial of service and possibly execute arbitrary code via (1) a long test value in an xsl:when tag, (2) a long test value in an xsl:if tag, or (3) a long select value in an xsl:value...
Icecast Icecast 2.20
1 EDB exploit
5
CVSSv2
CVE-2002-1982
Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote malicious users to determine if a directory exists via a .. (dot dot) in the GET request, which returns different error messages depending on whether the directory exists or not.
Icecast Icecast 1.3.12
1 EDB exploit
10
CVSSv2
CVE-2001-0197
Format string vulnerability in print_client in icecast 1.3.8beta2 and previous versions allows remote malicious users to execute arbitrary commands.
Icecast Icecast 1.3.7
Icecast Icecast
Redhat Linux 6.1
Redhat Linux 6.2
Redhat Linux 7.0
Redhat Linux 6.0
1 EDB exploit
7.5
CVSSv2
CVE-2001-1229
Buffer overflows in (1) Icecast prior to 1.3.9 and (2) libshout prior to 1.0.4 allow remote malicious users to cause a denial of service (crash) and execute arbitrary code.
Icecast Icecast
Libshout Libshout
5
CVSSv2
CVE-2011-4612
icecast prior to 2.3.3 allows remote malicious users to inject control characters such as newlines into the error loc (error.log) via a crafted URL.
Xiph Icecast
9.3
CVSSv2
CVE-2007-1344
Multiple buffer overflows in src/ezstream.c in Ezstream prior to 0.3.0 allow remote malicious users to execute arbitrary code via a crafted XML configuration file processed by the (1) urlParse function, which causes a stack-based overflow and the (2) ReplaceString function, which...
Xiph Icecast Ezstream
6.8
CVSSv2
CVE-2018-18820
A buffer overflow exists in the URL-authentication backend of the Icecast prior to 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code e...
Xiph Icecast
Debian Debian Linux 9.0
Debian Debian Linux 8.0
5
CVSSv2
CVE-2015-3026
Icecast prior to 2.4.2, when a stream_auth handler is defined for URL authentication, allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a request without login credentials, as demonstrated by a request to "admin/killsource?mo...
Xiph Icecast
Debian Debian Linux 8.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
NA
CVE-2022-41952
Synapse prior to 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection time. Connections will only be terminated after `max_spider_size` (default: 10M) bytes have been downloaded, which can i...
Matrix Synapse
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2