thr3ads.net - Icecast - [icecast] Fwd: Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!) [Aug 2004]

If this information is useful, please help other people find it:
Share via:

Alfredo E. Cotroneo

2004-Aug-06 14:22 UTC

[icecast] Fwd: Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!)

Hi There,

re. the recently reported buffer overflow in icecast, is there any 
"official" security patch against 1.3.11 ? I am reluctant to take any 
un-official patch like this one ;-)

There is nothing on www.icecast.org/releases, maybe it's somewhere else ?

Thanks.

Alfredo

<p><p>>Mailing-List: contact bugtraq-help@securityfocus.com; run
by ezmlm>List-Id: <bugtraq.list-id.securityfocus.com>
>List-Post: <mailto:bugtraq@securityfocus.com>
>List-Help: <mailto:bugtraq-help@securityfocus.com>
>List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
>List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
>Delivered-To: mailing list bugtraq@securityfocus.com
>Delivered-To: moderator for bugtraq@securityfocus.com
>From: Neeko Oni <neeko@haackey.com>
>Subject: Icecast temp patch (OR: Patches?  We DO need stinkin'
patches!!@$!)
>To: bugtraq@securityfocus.com
>Date: Wed, 3 Apr 2002 12:42:03 -0800 (PST)
>
>
>This addresses the client_login() Icecast issue:
>
>For those who have a burning need to 'patch < patch', or just
don't
>want to type three lines into client.c, I've attached a small
>patch to client.c (Icecast 1.3.11).
>Simplicity is thy name.
>(More specific:  It's the suggested patch in the icx.c exploit, with
>  an added logging flag.)
>
>Thanks to Diz for making this public.
>
>.Neeko Oni
-------------- next part --------------
LS0tIGNsaWVudC5jICAgIFdlZCBBdWcgIDEgMTY6MDY6NTMgMjAwMQorKysgc3JjL2NsaWVudC5j
ICAgICAgV2VkIEFwciAgMyAxMjozNjoyMyAyMDAyCkBAIC0xMDMsNiArMTAzLDExIEBACiAKICAg
ICAgICB4YV9kZWJ1ZygzLCAiQ2xpZW50IGxvZ2luLi4uXG4iKTsKIAorICAgICAgIGlmIChzdHJs
ZW4oZXhwcikgPiA4MDAwKSB7IAorICAgICAgICAgICAgICAgd3JpdGVfbG9nKExPR19ERUZBVUxU
LCAiV0FSTklORzogZXhwciBncmVhdGVyIHRoYW4gODAwMC0tcG9zc2libGUgQk9GIGF0dGFjaz8i
KTsKKyAgICAgICByZXR1cm47Cit9CisKICAgICAgICBpZiAoIWNvbiB8fCAhZXhwcikgewogICAg
ICAgICAgICAgICAgd3JpdGVfbG9nKExPR19ERUZBVUxULCAiV0FSTklORzogY2xpZW50X2xvZ2lu
IGNhbGxlZCB3aXRoIE5VTEwgcG9pbnRlciIpOwogICAgICAgICAgICAgICAgcmV0dXJuOwoK



<p>--- >8 ----
List archives:  http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to
'icecast-request@xiph.org'
containing only the word 'unsubscribe' in the body.  No subject is
needed.
Unsubscribe messages sent to the list will be ignored/filtered.

Possibly Parallel Threads

Search for more maybe matching threads

Icecast - Aug 2004 - Fwd: Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!)

[icecast] Fwd: Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!)

Possibly Parallel Threads

Wisdom of the Ancients