PT-2002-1917 · Nullsoft · Shoutcast
Published
2002-08-31
·
Updated
2008-09-05
·
CVE-2002-0907
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
SHOUTcast versions 1.8.9 through 1.8.11
Description:
The issue allows a remote authenticated DJ to execute arbitrary code on the server. This can be achieved by providing a long value in a header whose name begins with "icy-".
Recommendations:
For SHOUTcast versions 1.8.9 through 1.8.11, update to version 1.8.12 or later to resolve the issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Shoutcast