ISS X-Force Database: icecast-clientlogin-bo(8741): Icecast client

Icecast client_login() function buffer overflow

icecast-clientlogin-bo (8741)

High Risk

Description:

Icecast is vulnerable to a buffer overflow in the client_login() function. By sending an overly long HTTP request containing 8000 bytes or more, a remote attacker can overflow a buffer and gain root privileges on the server.

Consequences:

Gain Privileges

Remedy:

For Red Hat Powertools 7.0 and 7.1:
Upgrade to the latest version of icecast (1.3.12-1 or later), as listed in RHSA-2002:063-05. See References.

For Caldera OpenLinux Server 3.1 and 3.1.1:
Upgrade to the latest version of icecast (1.3.12-1 or later), as listed in Caldera International, Inc. Security Advisory CSSA-2002-020.0. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

BugTraq Mailing List, Thu Apr 04 2002 - 07:51:51 CST: Full analysis of multiple remotely exploitable bugs in Icecast 1.3.11.
BugTraq Mailing List, Tue Apr 02 2002 - 01:51:55 CST: icecast 1.3.11 remote shell/root exploit - #temp.
BugTraq Mailing List, Wed Apr 03 2002 - 14:42:03 CST: Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!).
Caldera International, Inc. Security Advisory CSSA-2002-020.0: Linux: icecast buffer overflows and denial-of-service.
Icecast Web site: Open Source Streaming Audio.
BID-4415: Icecast AVLLib Buffer Overflow Vulnerability
CVE-2002-0177: Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client.
RHSA-2002-063: Updated icecast packages are available
US-CERT VU#596387: Icecast vulnerable to buffer overflow via long GET request

Platforms Affected:

Icecast Icecast 1.3.11 and prior
RedHat Linux Powertools 7.0
RedHat Linux Powertools 7.1
SCO Caldera OpenLinux Server 3.1
SCO Caldera OpenLinux Server 3.1.1

Reported:

Apr 02, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page