un@dom.de
2004-Aug-06 14:22 UTC
[icecast] [dizznutt@my.security.nl: [Secure] Full analysis of multiple remotely exploitable bugs in Icecast 1.3.11]
hi, don't know whether this is already covered in the list, sorry if it's old news... is there any 1.3.11 bugfix release out there? can't find things on icecast.org attached the email from bugtraq. best, uno <p> <strong>attached mail follows:</strong><hr noshade> Hello, Attached is a full analysis to accompany the earlier disclosed remote root/shell exploit for the Icecast mp3 streaming server. It also details some other exploitable bugs besides the one that is exploited with the supplied exploit and thus I believe has posting value. This write-up was mainly meant to aid the icecast developers in locating and eliminating the exact problems, but I can imagine it would be of some value to other interested parties as well. ltr, diz - #temp -------------- next part -------------- A non-text attachment was scrubbed... Name: icecast.txt Type: application/octet-stream Size: 4808 bytes Desc: icecast.txt Url : http://lists.xiph.org/pipermail/icecast/attachments/20020409/9b81fe24/icecast.obj
Possibly Parallel Threads
- [dizznutt@my.security.nl: icecast 1.3.11 remote shell/root exploit - #temp]
- Full analysis of the remotely exploitable icecast 1.3.x bugs
- Fwd: Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!)
- Wu-ftpd FTP server contains remotely exploitable off-by-one bug
- [ icecast 1.3.11 win32 version ...]