CVE-2015-3026

Name of the Vulnerable Software and Affected Versions Icecast versions prior to 2.4.2

Description The issue allows remote attackers to cause a denial of service, resulting in a crash due to a NULL pointer dereference. This can be achieved by sending a request without login credentials to a specific URL, such as "admin/killsource?mount=/test.ogg".

Recommendations For versions prior to 2.4.2, update to version 2.4.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin interface to minimize the risk of exploitation.