APP: Shoutcast 'icy-name' Buffer Overflow
This signature detects attempts to exploit a known vulnerability against a Shoutcast server. Attackers can submit a maliciously crafted request that contains an overly long icy-name or icy-url parameter, attempting to cause a buffer overflow and execute arbitrary code on the server.
Extended Description
After authenticating, a malicious user can pose as a source and send specialy crafted icy-name and icy-url server commands to a SHOUTcast server alowing execution of arbitrary code.
References
Short Name
APP:SHOUTCAST:ICY-OVERFLOW
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
'icy-name' Buffer Overflow Shoutcast
Release Date
10/27/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3324
Port
TCP/8001
False Positive
Unknown