Family: Gain a shell remotely --> Category: mixed
ICECast HTTP Header Buffer Overflow Vulnerability Scan
Vulnerability Scan Summary
check icecast version
Detailed Explanation for this Vulnerability Test
The remote server runs a version of ICECast which is as old as or older
than version 2.0.1.
This version is vulnerable to an HTTP header buffer overflow vulnerability
which may allow a possible hacker to execute arbitrary code on the remote host with
the rights of the icecast server process.
To exploit this flaw, a possible hacker needs to send 32 HTTP headers to the
remote host to overwrite a return address on the stack.
Solution : Upgrade to ICECast 2.0.2 or newer
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.