Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Icecast Security Vulnerabilities

cve
cve

CVE-2011-4612

icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error loc (error.log) via a crafted URL.

6.3AI Score

0.003EPSS

2012-11-20 12:55 AM
28
cve
cve

CVE-2015-3026

Icecast before 2.4.2, when a stream_auth handler is defined for URL authentication, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request without login credentials, as demonstrated by a request to "admin/killsource?mount=/test.ogg."

6.4AI Score

0.05EPSS

2015-04-29 08:59 PM
44
cve
cve

CVE-2018-18820

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution.

8.1CVSS

8.2AI Score

0.185EPSS

2018-11-05 07:29 PM
189