search for: dizznutt

Contrary to the report, this only affect 1.3.x version of icecast, not _all_ versions. But this is a serious problem and I do hope you all took my advice last time and aren't running icecast as root. I'll try to have a patch today. jack. ----- Forwarded message from dizznutt@my.security.nl ----- Date: Tue, 2 Apr 2002 07:51:55 +0000 (GMT+00:00) From: dizznutt@my.security.nl To: bugtraq@securityfocus.com Cc: team@icecast.org Subject: icecast 1.3.11 remote shell/root exploit - #temp X-Spam-Status: No, hits=0.6 required=10.0 tests=NO_REAL_NAME version=2.11 Ola, I'm...

hi, don't know whether this is already covered in the list, sorry if it's old news... is there any 1.3.11 bugfix release out there? can't find things on icecast.org attached the email from bugtraq. best, uno <p> <strong>attached mail follows:</strong><hr noshade> Hello, Attached is a full analysis to accompany the earlier disclosed remote root/shell

Hello Icecast folks, Attached is an analysis I slapped together detailing the exact specifics of the bug that is exploited with the icecast exploit I disclosed earlier this week. Furthermore it details another remotely exploitable bug. I sent this to team@icecast.org and to Jack Moffit, but have not received a response as of yet. So if people, like I noticed in the icecast@xiph.org list, are