Check Point Reference: | CPAI-2006-029 |
Date Published: | 26 Mar 2006 |
Severity: | High |
Last Updated: | Monday 07 May, 2007 |
Source: | FrSirt |
Industry Reference: | CAN-2004-1373 |
Protection Provided by: |
|
Who is Vulnerable? | SHOUTcast version 1.9.4 on Linux and possibly earlier versions |
Vulnerability Description | SHOUTcast is Nullsoft's streaming audio system for Linux and Microsoft Windows platforms. A format string vulnerability was reported in SHOUTcast. A malicious attacker with the ability to send a formatted URL request to the SHOUTcast server may be able to execute arbitrary code on the target system or cause the server to crash. |
Vulnerability Status | See FrSIRT at http://www.frsirt.com/exploits/20060128.shoutcast_expl.c.php. |
Update/Patch Available | The issue has been addressed in version 1.9.5. Upgrade to the latest version of SHOUTcast (1.9.5 or later), available from the SHOUTcast Web site at http://www.shoutcast.com/download/files.phtml. |
Vulnerability Details | Remote exploitation of a format string vulnerability could allow a server crash or execution of arbitrary code. A format string is a way of telling a C formatted-output function how it should format numbers when it prints them. A number of functions accept a format string as an argument, including fprintf, sprintf, syslog and others. A remote attacker could send a crafted request that the sprintf() function processes as a format string, crashing the server or causing it to execute arbitrary code. |
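
The bug class described under Vulnerability Details, with its fix, as an added example that is not SHOUTcast's code and not part of the original advisory. The function names and the sample request paths are assumptions constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern (shown only as a comment, never compiled):
 *     sprintf(out, path);        // request data is the format string
 * Any conversion directive in `path` is then interpreted by sprintf(). */

/* Hardened form: the format is a constant and the request data is passed
 * as an argument, so directives in `path` are copied as plain text.
 * snprintf() also bounds the write. Returns 0 on success, -1 if truncated. */
int format_request_line(char *out, size_t outlen, const char *path)
{
    int n = snprintf(out, outlen, "request: %s", path);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Heuristic for log review: count '%' characters that do not start a valid
 * URL percent-escape (two hex digits). Such sequences are malformed URL
 * encoding and are what printf-style directives tend to look like.
 * Limitation: a directive such as %08x parses as the escape %08 and is
 * not counted, so this supplements the fix above, it does not replace it. */
int count_suspect_percents(const char *path)
{
    int hits = 0;
    for (size_t i = 0; path[i] != '\0'; i++) {
        if (path[i] != '%')
            continue;
        if (isxdigit((unsigned char)path[i + 1]) &&
            isxdigit((unsigned char)path[i + 2]))
            i += 2;          /* well-formed escape, skip it */
        else
            hits++;
    }
    return hits;
}

int main(void)
{
    /* Constructed sample inputs, not taken from any real request. */
    const char *samples[] = { "/listen.pls", "/my%20stream", "/%x%x%s" };
    char line[64];
    for (size_t i = 0; i < 3; i++) {
        format_request_line(line, sizeof line, samples[i]);
        printf("%-22s suspect=%d\n", line, count_suspect_percents(samples[i]));
    }
    return 0;
}
```

Building with `-Wformat -Wformat-security` (GCC and Clang) makes the compiler warn when a non-literal string is passed as the format argument, which catches the commented-out pattern at build time.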