| VID |
22351 |
| Severity |
40 |
| Port |
8000, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Icecast software is vulnerable to multiple vulnerabilities in the XSL parser. Icecast is an open-source mp3 broadcasting program for Windows and Unix-based operating systems. Icecast versions 2.20 and earlier are vulnerable to a buffer overflow vulnerability and an information disclosure vulnerability.
1) Buffer overflow vulnerability: The XSL parser does not check the size of XSL 'when', 'if', and 'value-of' tag values before copying them into a finite buffer in process memory. An attacker may potentially be able to exploit this vulnerability to execute arbitrary code if he can have a specially-crafted XSL file placed in an Icecast folder.
2) Information disclosure vulnerability: The XSL parser fails to parse XSL files when the request ends with a dot ('.') and instead simply returns the contents. An attacker can exploit this to uncover sensitive information contained in XSL files.
* References:
http://www.securityfocus.com/archive/1/393705
http://www.networksecurityarchive.org/html/Exploits-HackingTools/2005-03/msg00116.html
http://www.securitytracker.com/alerts/2005/Mar/1013475.html
* Platforms Affected:
Icecast versions 2.20 and earlier
Any operating system Any version |
| Recommendation |
No upgrade or patch available as of May 2005
Upgrade to the latest version of Icecast (2.20 later), when new version fixed this problem becomes available from the Icecast Web site at http://www.icecast.org/download.php |
| Related URL |
CVE-2005-0837,CVE-2005-0838 (CVE) |
| Related URL |
12849 (SecurityFocus) |
| Related URL |
19760,19753 (ISS) |
|
