Bugtraq mailing list archives

Denial of Service in SHOUTcast Server 1.8.2 Linux/w32/?


From: "FraMe" <frame () hispalab com>
Date: Fri, 3 Aug 2001 10:29:20 +0200

Vendor   :  Nullsoft
Product  :   SHOUTcast Server 1.8.2 Linux/win32/?
Date     :  01/08/2001

CONTENTS

1. Overview
2. Details
3. Systems
4. Denial of Service
5. Vendor Response

1. Overview:

SHOUTcast Server is a streaming audio server. A "bad" client request can
crash the server.

2. Details

The server crashes when it receives, seven times (approx.), a very long
buffer (4 KB) in the User-Agent and Host fields of the client HTTP
request.

3. Systems

    - SHOUTcast Server 1.8.2 ( Linux )
    - SHOUTcast Server 1.8.2 ( Win32 )
    - SHOUTcast Server 1.8.2 ( Others ) ( No test )

4. DoS

The DoS in C format is attached.

5. Vendor Response

31/08/01: Sent problem to tom () nullsoft com

03/08/01: No response from tom () nullsoft com
                Sent problem to bugtraq () securityfocus com


=================================================
[ FraMe - frame () hispalab com ]
[ Digital LiVe - http://frame.lifefromthenet.com ]
[ PGP Key - www.hispalab.com/frame/pgpkey.asc  ]
[ Geek Code - www.hispalab.com/frame/geek.txt ]
=================================================

Attachment: shoutdos.c
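
The trigger described under "Details" is an oversized User-Agent or Host field, so one server-side mitigation is to cap header line and header block sizes before any parsing or copying. The sketch below is an added example, not code from the advisory, its attachment or Nullsoft; the function name, verdict names and both limits are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Limits are assumptions for this example, set well under the ~4 KB field
   size the advisory reports; tune them for the deployment. */
#define MAX_HEADER_LINE  1024   /* bytes per line, excluding CRLF */
#define MAX_HEADER_BLOCK 8192   /* bytes for request line plus all headers */

enum hdr_verdict { HDR_OK, HDR_INCOMPLETE, HDR_LINE_TOO_LONG, HDR_BLOCK_TOO_LARGE };

/* Scan a received buffer in place. HDR_OK means a complete header block
   (ended by an empty line) fits both limits; syntax is not validated here. */
enum hdr_verdict check_request_headers(const char *buf, size_t len)
{
    size_t pos = 0;

    while (pos < len) {
        const char *nl = memchr(buf + pos, '\n', len - pos);
        size_t line_len = nl ? (size_t)(nl - (buf + pos)) : len - pos;

        if (line_len > 0 && buf[pos + line_len - 1] == '\r')
            line_len--;                  /* do not count the CR of CRLF */
        /* Reject as soon as the cap is exceeded, even if the line is not
           terminated yet: never buffer the rest of an oversized field. */
        if (line_len > MAX_HEADER_LINE)
            return HDR_LINE_TOO_LONG;
        if (!nl)
            break;                       /* partial line, need more data */
        pos = (size_t)(nl - buf) + 1;
        if (pos > MAX_HEADER_BLOCK)
            return HDR_BLOCK_TOO_LARGE;
        if (line_len == 0)
            return HDR_OK;               /* empty line ends the headers */
    }
    return len > MAX_HEADER_BLOCK ? HDR_BLOCK_TOO_LARGE : HDR_INCOMPLETE;
}

int main(void)
{
    /* Constructed samples: an ordinary request, and one whose User-Agent
       value is 4096 bytes, the field size the advisory reports. */
    const char ok[] = "GET / HTTP/1.0\r\nHost: radio.example\r\nUser-Agent: player/1.0\r\n\r\n";
    char big[4200] = "GET / HTTP/1.0\r\nUser-Agent: ";
    size_t n = strlen(big);
    memset(big + n, 'A', 4096);
    printf("%d %d\n", check_request_headers(ok, sizeof ok - 1),
           check_request_headers(big, n + 4096));
    return 0;
}
```

A caller would close the connection on either rejection verdict and keep reading on HDR_INCOMPLETE, so an oversized field is dropped before it reaches the request parser.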