Page 2 of 13 results (0.009 seconds)

CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 0

Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast internal web server (icecast-server) 1.3.12 and earlier allows remote attackers to inject arbitrary web script via the UserAgent parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en list.cgi en el servidor web interno de Icecast (icecast-server) 1.3.12 y anteriores permite a atacantes remotos inyectar script web de su elección mediante el parámetro UserAgent. • http://www.debian.org/security/2004/dsa-541 http://www.securityfocus.com/bid/11021 https://exchange.xforce.ibmcloud.com/vulnerabilities/17086 •

CVSS: 5.0EPSS: 2%CPEs: 14EXPL: 0

Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a long Basic Authorization header that triggers an out-of-bounds read. • http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0378.html http://secunia.com/advisories/11578 http://security.gentoo.org/glsa/glsa-200405-10.xml http://www.osvdb.org/6075 http://www.securityfocus.com/bid/10311 http://www.xiph.org/archives/icecast/7144.html https://exchange.xforce.ibmcloud.com/vulnerabilities/16103 •

CVSS: 7.5EPSS: 11%CPEs: 4EXPL: 1

Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client. Desbordamientos de buffer en icecast 1.3.11 y anteriores permite a atacantes remotos ejecutar código arbitrario mediante una petición HTTP GET larga de un cliente MP3. • https://www.exploit-db.com/exploits/21363 http://marc.info/?l=bugtraq&m=101780890326179&w=2 http://marc.info/?l=bugtraq&m=101786838300906&w=2 http://marc.info/?l=bugtraq&m=101793704306035&w=2 http://www.kb.cert.org/vuls/id/596387 http://www.securityfocus.com/bid/4415 http://www.xiph.org/archives/icecast/2616.html •

CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 3

Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters. Vulnerabilidad en el atravesamiento de directorios de Icecast 1.3.10 y anteriores permite a atacantes remotos leer ficheros arbitrarios mediante un ataque modificado .. (punto punto) usando caractéres URL codificados. • https://www.exploit-db.com/exploits/20972 http://archives.neohapsis.com/archives/bugtraq/2001-06/0353.html http://www.debian.org/security/2001/dsa-089 http://www.osvdb.org/1883 http://www.redhat.com/support/errata/RHSA-2001-105.html http://www.redhat.com/support/errata/RHSA-2002-063.html http://www.securityfocus.com/bid/2932 https://exchange.xforce.ibmcloud.com/vulnerabilities/6752 •

CVSS: 5.0EPSS: 5%CPEs: 3EXPL: 3

Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash). • https://www.exploit-db.com/exploits/20973 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-020.0.txt http://www.debian.org/security/2001/dsa-089 http://www.icecast.org/index.html http://www.icecast.org/releases/icecast-1.3.11.tar.gz http://www.redhat.com/support/errata/RHSA-2001-105.html http://www.redhat.com/support/errata/RHSA-2002-063.html http://www.securityfocus.com/archive/1/193516 http://www.securityfocus.com/bid/2933 https://exchange.xforce •