4 matches found
Icecast list.cgi User-Agent XSS
The remote server runs a version of Icecast that is as old or older than version 1.3.12. This version is affected by a cross-site scripting vulnerability in the status display functionality. This issue is due to a failure of the application to properly sanitize user-supplied input. As a result of...
Icecast 1.1.x/1.3.x - Directory Traversal
source: https://www.securityfocus.com/bid/2932/info Icecast is an open source audio-streaming server for both Unix and Microsoft Windows systems. Icecast does not filter encoded characters from URLs when receiving web requests. If a remote attacker crafts a URL containing the ASCII equivalent of...
Icecast utils.c fd_write Function Format String
The remote server claims to be running Icecast 1.3.7 or 1.3.8beta2. These versions are vulnerable to a format string attack that could allow an attacker to execute arbitrary commands on this host. (C) Tenable Network Security, Inc. include("compat.inc"); if(description) { script_id(10600); script_version...
Icecast 1.3.7/1.3.8 - print_client() Format String
Icecast 1.3.7/1.3.8 - print_client() Format String // source: https://www.securityfocus.com/bid/2264/info Versions of icecast up to and including 1.3.8 beta2 exhibit a format string vulnerability in the print_client() function of utility.c. A malicious user can cause the printf function to overwrite memo...