Published: Jun 27, 2001 (source: vulners.com)

Security-issues with Icecast Version 1.3.7


Digit-Labs Security Advisory (http://www.digit-labs.org/)

Advisory Name: Security-issues with Icecast Version 1.3.7
Release Date:
Application: Tested on Icecast Version 1.3.7
Platform: Windows 2000 Prof
Severity: Medium
Author(s): GoLLuM.no [mailto:[email protected]]
Vendor Status: Unknown

Executive Summary:
Icecast is an audio-streaming server for Unix and Windows. Only the
Windows version has been tested. Icecast allows remote administration
and client access through a web interface. Icecast is used mainly by
radio stations to broadcast audio on the internet. Icecast does not
require any particular web server to be present: it handles all HTTP
requests itself.

I have discovered the following:
- remote DoS attack,
- folder traversal exploit.

Detailed Description:

  • Remote DoS attack
    If the server has enabled HTTP-server file streaming support, a
    malicious client can perform a DoS remotely. HTTP-server file streaming
    support is not enabled by default; it is enabled by setting the variable
    "staticdir" in the configuration file "icecast.conf". The DoS causes an
    "Application Error" in Windows, thus crashing the Icecast server
    completely. The DoS is triggered by appending an extra "/" or "\" to the
    requested mp3 file name.

  • Folder traversal exploit
    Mp3 files residing outside the web catalog can be accessed by
    substituting percent-encoded ASCII values for each ".", so that using
    "/%25%25/" instead of "/…/" walks one folder level (into the parent
    directory).
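The two request-path checks a hardened static-file handler needs against the issues above, as an added example (Python, not Icecast's own code): the "staticdir" value and the request paths are constructed for illustration.

```python
# Added example (not Icecast code): request-path checks a static-file
# handler should apply before opening anything under "staticdir".
import posixpath
from urllib.parse import unquote

STATICDIR = "/srv/icecast/static"   # assumed staticdir value, constructed


class BadRequest(Exception):
    """Raised for a request path the handler must refuse."""


def decode_fully(path, max_rounds=3):
    """Percent-decode until the string stops changing, so a doubly encoded
    traversal (%252e -> %2e -> .) cannot slip past a single decode."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            return decoded
        path = decoded
    raise BadRequest("too many layers of percent-encoding")


def resolve_static(request_path, root=STATICDIR):
    """Map a request path onto a file under root, or raise BadRequest."""
    # Advisory issue 1: Icecast 1.3.7 crashed on a trailing "/" or "\" after
    # the file name.  A file request never legitimately ends in a separator.
    if request_path.endswith(("/", "\\")):
        raise BadRequest("trailing separator after file name")
    decoded = decode_fully(request_path)
    if "\x00" in decoded:
        raise BadRequest("NUL byte in path")
    # The advisory was reproduced on Windows, where "\" is also a separator;
    # fold it to "/" so the segment check below sees every spelling.
    segments = decoded.replace("\\", "/").split("/")
    # Advisory issue 2: encoded dots reassembling into ".." after decoding.
    if ".." in segments:
        raise BadRequest("parent-directory segment in path")
    # Final containment check on the canonical path, not on the raw string.
    rel = "/".join(segments).lstrip("/")
    candidate = posixpath.normpath(posixpath.join(root, rel))
    if posixpath.commonpath([root, candidate]) != posixpath.normpath(root):
        raise BadRequest("path escapes staticdir")
    return candidate


def is_rejected(request_path):
    """True if resolve_static refuses the path; handy for tests and log triage."""
    try:
        resolve_static(request_path)
    except BadRequest:
        return True
    return False
```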

Proof-of-concept:

Links:
- http://www.icecast.org/