Shoutcast Server Buffer Crashes Server

Type securityvulns
Reporter Securityvulns
Modified 2001-01-19T00:00:00


The following information is being released by PA Networks to expose a potential problem with the Shoutcast Distributed Network Audio Server (DNAS) for Linux, version v1.7.1.

During testing of new streams the following was discovered.

Software Needed To Perform This Overflow:
- Winamp (Any Version)
- DSP Plugin for Audio Streaming
- Microsoft Netshow Tools (Audio MP3 Codecs Only)
- Shoutcast Server for Linux v1.7.1

Normally the Winamp client uses the DSP plugin to encode MP3 files and send a single stream to a DNAS server (Shoutcast) for distribution to listeners. Entering a string in the description that runs past the visible field causes an overflow in the server, and the Shoutcast server crashes. This has been tested and verified on the Linux version only, so we do not know whether the Win32 version of DNAS is also affected.

The Linux server crashed with an "Error A" message and the server must be restarted.

It is possible to crash a server only when the server is running and no connections are active on it. Once an active connection from a Winamp player is established, the condition is not exploitable. So you would have to catch a server in a "Sleep" state, meaning that it is running but nothing is currently being broadcast.
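The class of fix for a crash like this is a server-side length check on the client-supplied description, since the width of the field in the client UI is not a limit the server can rely on. The following C sketch is an added example, not code from the advisory or from the Shoutcast server; the 128-byte limit, the struct and the function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Assumed limit: the advisory does not state the real field size. */
#define DESC_MAX 128

/* Hypothetical per-stream record holding the source's description. */
struct stream_info {
    char description[DESC_MAX + 1];   /* +1 for the terminating NUL */
};

enum desc_status { DESC_OK = 0, DESC_TOO_LONG, DESC_BAD_CHAR, DESC_BAD_ARG };

/*
 * Validate and store a description received from a source client.
 * `src` holds `len` bytes and is not assumed to be NUL-terminated.
 * The input is rejected, never truncated or copied unchecked, and the
 * stored value is left untouched on any failure.
 */
enum desc_status set_description(struct stream_info *si,
                                 const char *src, size_t len)
{
    if (si == NULL || src == NULL)
        return DESC_BAD_ARG;

    /* Length is checked against the buffer, not against what the
     * client's input field happens to display. */
    if (len > DESC_MAX)
        return DESC_TOO_LONG;

    /* Extra hardening (an assumption, not from the advisory):
     * refuse control characters such as CR/LF and embedded NULs. */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)src[i];
        if (c < 0x20 || c == 0x7f)
            return DESC_BAD_CHAR;
    }

    memcpy(si->description, src, len);
    si->description[len] = '\0';
    return DESC_OK;
}
```
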

Questions or concerns can be addressed to

PA Networks Internet "It's Your Internet... So Use It!"