VYPR

rpm package

opensuse/icecast&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/icecast&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2018-18820Nov 5, 2018
    affected < 2.4.4-2.1fixed 2.4.4-2.1

    A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote

  • CVE-2014-9018Dec 3, 2014
    affected < 2.4.2-1.7fixed 2.4.2-1.7

    Icecast before 2.4.1 transmits the output of the on-connect script, which might allow remote attackers to obtain sensitive information, related to shared file descriptors.

  • CVE-2011-4612Nov 20, 2012
    affected < 2.4.2-1.7fixed 2.4.2-1.7

    icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error loc (error.log) via a crafted URL.

  • CVE-2005-0837May 2, 2005
    affected < 2.4.4-2.1fixed 2.4.4-2.1

    IceCast 2.20 allows remote attackers to bypass the XSL parser and obtain the source for XSL files via a request for a .xsl file with a trailing . (dot).