Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icecast vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0838
Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow malicious users to cause a denial of service and possibly execute arbitrary code via (1) a long test value in an xsl:when tag, (2) a long test value in an xsl:if tag, or (3) a long select value in an xsl:value...
Icecast Icecast 2.20
1 EDB exploit
NA
CVE-2002-1982
Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote malicious users to determine if a directory exists via a .. (dot dot) in the GET request, which returns different error messages depending on whether the directory exists or not.
Icecast Icecast 1.3.12
1 EDB exploit
NA
CVE-2001-0197
Format string vulnerability in print_client in icecast 1.3.8beta2 and previous versions allows remote malicious users to execute arbitrary commands.
Icecast Icecast 1.3.7
Icecast Icecast
Redhat Linux 6.1
Redhat Linux 6.2
Redhat Linux 7.0
Redhat Linux 6.0
1 EDB exploit
NA
CVE-2001-1229
Buffer overflows in (1) Icecast prior to 1.3.9 and (2) libshout prior to 1.0.4 allow remote malicious users to cause a denial of service (crash) and execute arbitrary code.
Icecast Icecast
Libshout Libshout
NA
CVE-2011-4612
icecast prior to 2.3.3 allows remote malicious users to inject control characters such as newlines into the error loc (error.log) via a crafted URL.
Xiph Icecast
NA
CVE-2007-1344
Multiple buffer overflows in src/ezstream.c in Ezstream prior to 0.3.0 allow remote malicious users to execute arbitrary code via a crafted XML configuration file processed by the (1) urlParse function, which causes a stack-based overflow and the (2) ReplaceString function, which...
Xiph Icecast Ezstream
8.1
CVSSv3
CVE-2018-18820
A buffer overflow exists in the URL-authentication backend of the Icecast prior to 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code e...
Xiph Icecast
Debian Debian Linux 9.0
Debian Debian Linux 8.0
NA
CVE-2015-3026
Icecast prior to 2.4.2, when a stream_auth handler is defined for URL authentication, allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a request without login credentials, as demonstrated by a request to "admin/killsource?mo...
Xiph Icecast
Debian Debian Linux 8.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
5.3
CVSSv3
CVE-2022-41952
Synapse prior to 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection time. Connections will only be terminated after `max_spider_size` (default: 10M) bytes have been downloaded, which can i...
Matrix Synapse
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2