Lucene search
Arch LinuxASA-201411-32HistoryNov 28, 2014 - 12:00 a.m.
icecast: information leak
2014-11-2800:00:00
Arch Linux
lists.archlinux.org
17
EPSS
0.027
Percentile
90.5%
It was reported that Icecast could possibly leak the contents of
on-connect scripts to clients, which may contain sensitive information.
If on-connect/on-disconnect scripts are used, file descriptors of the
server process remain open and could be written to or read from. Most
pressing STDIN, STDOUT, STDERR are handled.
Further all file descriptors up to 1024 are closed. There is a remaining
(much lower) risk in combination of either a malicious or susceptible
script and FDs above 1024.
Related
ubuntucve
ubuntucve
CVE-2014-9018
2014-12-03 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : icecast (MDVSA-2014:231)
2014-11-28 00:00:00
openSUSE Security Update : icecast (openSUSE-SU-2014:1593-1)
2014-12-09 00:00:00
Fedora 20 : icecast-2.4.1-1.fc20 (2014-16394)
2014-12-15 00:00:00
securityvulns
securityvulns
[ MDVSA-2014:231 ] icecast
2014-11-30 00:00:00
icecast information disclosure
2014-11-30 00:00:00
mageia
mageia
Updated icecast package fixes security vulnerability
2014-11-26 20:29:06
prion
prion
Design/Logic Flaw
2014-12-03 18:59:00
cvelist
cvelist
CVE-2014-9018
2014-12-03 18:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0494)
2022-01-28 00:00:00
Gentoo Security Advisory GLSA 201412-38
2015-09-29 00:00:00
Fedora Update for icecast FEDORA-2014-16483
2014-12-15 00:00:00
nvd
nvd
CVE-2014-9018
2014-12-03 18:59:08
debiancve
debiancve
CVE-2014-9018
2014-12-03 18:59:08
cve
cve
CVE-2014-9018
2014-12-03 18:59:08
fedora
fedora
[SECURITY] Fedora 20 Update: icecast-2.4.1-1.fc20
2014-12-15 04:36:54
[SECURITY] Fedora 21 Update: icecast-2.4.1-1.fc21
2014-12-15 04:37:20
[SECURITY] Fedora 19 Update: icecast-2.4.1-1.fc19
2014-12-15 04:29:38
gentoo
gentoo
Icecast: Multiple Vulnerabilities
2014-12-26 00:00:00
osv
osv
icecast-2.4.2-1.7 on GA media
2024-06-15 00:00:00