Shoutcast Server Security Vulnerabilities and Issues — Shoutcast Server CVE List

Lucene search

NullsoftShoutcast Server

5 matches found

CVE•added 2002/05/16 4:0 a.m.•42 views

CVE-2002-0199

Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an argument with a large number of backslashes.

7.5CVSS8.1AI score0.01816EPSS

CVE•added 2001/09/12 4:0 a.m.•41 views

CVE-1999-1561

Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server.

7.2CVSS7.2AI score0.00046EPSS

CVE•added 2005/01/19 5:0 a.m.•40 views

CVE-2004-1373

Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.

7.5CVSS7.3AI score0.86852EPSS

CVE•added 2006/07/12 9:5 p.m.•36 views

CVE-2006-3534

Directory traversal vulnerability in Nullsoft SHOUTcast DSP before 1.9.6 filters directory traversal sequences before decoding, which allows remote attackers to read arbitrary files via encoded dot dot (%2E%2E) sequences in an HTTP GET request for a file path containing "/content".

7.8CVSS6.6AI score0.01022EPSS

CVE•added 2002/10/04 4:0 a.m.•29 views

CVE-2002-0907

Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-".

7.5CVSS7.9AI score0.10942EPSS