Signature Detail
Short Name |
APP:ICECAST-BOF |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Icecast 2.0 Server Header Overwrite |
Release Date |
2006/11/30 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Icecast 2.0 Server Header Overwrite
This signature detects attempts to exploit a known vulnerability against Icecast Server 2.0. Versions 2.0.1 and 2.0 are vulnerable. Attackers can remotely exploit this vulnerability by sending headers that exceed numbers by 31, allowing for complete control over the target computer.
Extended Description
It is reported that the Icecast server is susceptible to a buffer overflow vulnerability. This issue is due to a failure of the application to properly enforce boundary conditions when dealing with user-supplied input data. This vulnerability allows for remote code execution in the context of the Icecast server. It is reported that this vulnerability is only exploitable to execute remote code on Microsoft Windows platforms. This buffer overflow affects all platforms, however it is only exploitable if a sensitive address is located adjacent to the affected buffer. On other platforms, denial of service or code execution may be possible, but this has not been confirmed. Verions 2.x up to 2.0.1 are reported vulnerable to this issue.
Affected Products
- Icecast 2.0.0
- Icecast 2.0.1
References