PT-2004-2290 · Nullsoft · Shoutcast
Published: 2004-12-23 · Updated: 2017-07-11 · CVE-2004-1373
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions:
SHOUTcast version 1.9.4
Description:
The issue allows remote attackers to cause a denial of service, resulting in an application crash, and potentially execute arbitrary code. This is achieved through the use of format string specifiers in a content URL, which can be demonstrated by including them in the filename portion of a .mp3 file.
Recommendations:
For SHOUTcast version 1.9.4, consider restricting access to content URLs that may contain format string specifiers until a patch is available. As a temporary workaround, avoid using format string specifiers in filenames, especially for .mp3 files, to minimize the risk of exploitation.
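The filtering suggested in the recommendations, sketched as an added example (not code from this advisory or from Nullsoft): a Python check that percent-decodes a requested path and flags printf-style conversion specifiers. The function names, the decode-round limit and the sample paths are constructed for illustration, and the check assumes the server percent-decodes the path before using it.

```python
import re
from urllib.parse import unquote

# printf-style conversion: %[n$][flags][width][.precision][length]conversion
FORMAT_SPEC = re.compile(
    r"%(?:\d+\$)?[-+ #0]*(?:\d+|\*)?(?:\.(?:\d+|\*))?"
    r"(?:hh|h|ll|l|L|j|z|t)?[diouxXeEfgGaAcspn]"
)

def find_format_specifiers(raw_path, max_rounds=3):
    """Return the specifiers visible after each percent-decoding round.

    The raw path is not scanned directly: there '%' is the URL escape
    character, so 'my%20song' would look like the specifier '%20s'.
    A malformed escape such as '%s' survives unquote() unchanged and is
    therefore still caught in the decoded form.
    """
    found = []
    current = raw_path
    for _ in range(max_rounds):          # bounded: covers double encoding
        decoded = unquote(current)
        for match in FORMAT_SPEC.finditer(decoded):
            if match.group(0) not in found:
                found.append(match.group(0))
        if decoded == current:           # nothing left to decode
            break
        current = decoded
    return found

def is_path_allowed(raw_path):
    """Policy assumed here: reject any path carrying a specifier."""
    return not find_format_specifiers(raw_path)

# Constructed sample request paths (not taken from real traffic).
SAMPLE_PATHS = [
    "/content/my%20song.mp3",      # encoded space, benign
    "/content/%e2%99%a5.mp3",      # UTF-8 bytes, benign
    "/content/100%25.mp3",         # literal percent sign, benign
    "/content/%s%s.mp3",           # raw specifiers
    "/content/%25n%25n.mp3",       # specifiers hidden by encoding
    "/content/%2525x.mp3",         # double-encoded specifier
]

if __name__ == "__main__":
    for path in SAMPLE_PATHS:
        verdict = "allow" if is_path_allowed(path) else "block"
        print(f"{verdict:5}  {path}  {find_format_specifiers(path)}")
```

Paths whose raw bytes form valid hex escapes (for example `%dd`) are treated as encoded bytes here; a server that formats the undecoded path would need the raw string scanned as well.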
Affected products:
Shoutcast