Lucene search
HistoryDec 10, 2014 - 3:59 p.m.
CVE-2014-9091
icecast
cve-2014-9091
changeowner
security vulnerability
nvd
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.
Affected configurations
Node
icecasticecastRange≤2.3.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| icecast:icecast | icecast | le | 2.3.3 |
Related
nvd
nvd
CVE-2014-9091
2014-12-10 15:59:19
prion
prion
Code injection
2014-12-10 15:59:00
ubuntucve
ubuntucve
CVE-2014-9091
2014-12-10 00:00:00
debiancve
debiancve
CVE-2014-9091
2014-12-10 15:59:19
cvelist
cvelist
CVE-2014-9091
2014-12-10 15:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: icecast-2.4.1-1.fc20
2014-12-15 04:36:54
[SECURITY] Fedora 19 Update: icecast-2.4.1-1.fc19
2014-12-15 04:29:38
[SECURITY] Fedora 21 Update: icecast-2.4.1-1.fc21
2014-12-15 04:37:20
openvas
openvas
Fedora Update for icecast FEDORA-2014-16483
2014-12-15 00:00:00
Gentoo Security Advisory GLSA 201412-38
2015-09-29 00:00:00
Fedora Update for icecast FEDORA-2014-16394
2014-12-15 00:00:00
nessus
nessus
Fedora 20 : icecast-2.4.1-1.fc20 (2014-16394)
2014-12-15 00:00:00
Fedora 19 : icecast-2.4.1-1.fc19 (2014-16483)
2014-12-15 00:00:00
Fedora 21 : icecast-2.4.1-1.fc21 (2014-16435)
2014-12-15 00:00:00
gentoo
gentoo
Icecast: Multiple Vulnerabilities
2014-12-26 00:00:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2014-9091