Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201508-03
HistoryAug 15, 2015 - 12:00 a.m.

Icecast: Denial of service

2015-08-1500:00:00
Gentoo Foundation
security.gentoo.org
8

0.05 Low

EPSS

Percentile

92.8%

JSON

Background

Icecast is an open source alternative to shoutcast that supports mp3, ogg (vorbis/theora) and aac streaming.

Description

When stream_auth handler is defined for URL authentication and a request is sent without login credentials, a Denial of Service condition can occur.

Impact

A remote attacker could possibly cause a Denial of Service condition.

Workaround

Users of affected versions can change stream_auth mountpoints to use password authentication instead.

Resolution

All icecast users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-misc/icecast-2.4.2"
OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-misc/icecast< 2.4.2UNKNOWN

Related

securityvulns 2
fedora 3
cvelist 1
openvas 6
nessus 6
ubuntucve 1
archlinux 1
prion 1
veracode 1
debiancve 1
cve 1
debian 1
securityvulns
securityvulns
[SECURITY] [DSA 3239-1] icecast2 security update
2015-05-05 00:00:00
icecast DoS
2015-05-05 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: icecast-2.4.2-1.fc22
2015-08-19 07:57:05
[SECURITY] Fedora 23 Update: icecast-2.4.2-1.fc23
2015-08-15 02:20:43
[SECURITY] Fedora 21 Update: icecast-2.4.2-1.fc21
2015-08-19 07:55:15
cvelist
cvelist
CVE-2015-3026
2015-04-29 20:00:00
openvas
openvas
Icecast 'stream_auth' handler Denial of Service Vulnerability
2015-05-07 00:00:00
Gentoo Security Advisory GLSA 201508-03
2015-09-29 00:00:00
Debian Security Advisory DSA 3239-1 (icecast2 - security update)
2015-04-29 00:00:00
nessus
nessus
openSUSE Security Update : icecast (openSUSE-2015-310)
2015-04-17 00:00:00
Fedora 21 : icecast-2.4.2-1.fc21 (2015-13077)
2015-08-20 00:00:00
Debian DSA-3239-1 : icecast2 - security update
2015-04-30 00:00:00
ubuntucve
ubuntucve
CVE-2015-3026
2015-04-29 00:00:00
archlinux
archlinux
icecast: denial of service
2015-04-11 00:00:00
prion
prion
Null pointer dereference
2015-04-29 20:59:00
veracode
veracode
Denial Of Service (DoS)
2020-12-06 03:36:26
debiancve
debiancve
CVE-2015-3026
2015-04-29 20:59:00
cve
cve
CVE-2015-3026
2015-04-29 20:59:00
debian
debian
[SECURITY] [DSA 3239-1] icecast2 security update
2015-04-29 16:57:35

0.05 Low

EPSS

Percentile

92.8%

JSON
Related for GLSA-201508-03
securityvulns2fedora3cvelist1openvas6nessus6ubuntucve1archlinux1prion1veracode1debiancve1cve1debian1