APP: Icecast 2.0 Server Header Overwrite

This signature detects attempts to exploit a known vulnerability against Icecast Server 2.0. Versions 2.0.1 and 2.0 are vulnerable. Attackers can remotely exploit this vulnerability by sending headers that exceed numbers by 31, allowing for complete control over the target computer.

Extended Description

It is reported that the Icecast server is susceptible to a buffer overflow vulnerability. This issue is due to a failure of the application to properly enforce boundary conditions when dealing with user-supplied input data. This vulnerability allows for remote code execution in the context of the Icecast server. It is reported that this vulnerability is only exploitable to execute remote code on Microsoft Windows platforms. This buffer overflow affects all platforms, however it is only exploitable if a sensitive address is located adjacent to the affected buffer. On other platforms, denial of service or code execution may be possible, but this has not been confirmed. Verions 2.x up to 2.0.1 are reported vulnerable to this issue.

Affected Products

Icecast icecast

Short Name
APP:ICECAST-BOF
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
2.0 CVE-2004-1561 Header Icecast Overwrite Server bid:11271
Release Date
11/30/2006
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Icecast

CVSS Score

7.5

Found a potential security threat?