Info

Disclosure

Dec 23, 2004

Discovery

Unknown

Dates

Exploit

Dec 23, 2004

Solution

Unknown

Description

A remote overflow exists in Nullsoft SHOUTcast. The SHOUTcast server fails to properly validate requests containing '%' characters resulting in a format string overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access, Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Upgrade to version 1.9.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

NullSoft	ShoutCast	1.9.2
		1.9.4

References

Security Tracker: 1012675
Bugtraq ID: 12096
Secunia Advisory ID: 13661 13726
ISS X-Force ID: 18669
CVE ID: 2004-1373 (see also: NVD)
Milw0rm: 712 830
Exploit Database: 712 830
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-12/0366.html
Generic Exploit URL: http://immunitysec.com
http://www.saintcorporation.com/cgi-bin/exploit_info/shoutcast_filename_format_string
Other Advisory URL: http://security.gentoo.org/glsa/glsa-200501-04.xml
Vendor URL: http://www.shoutcast.com

Credit

Tomasz Trojanowski - onestepwp.pl -
Damian Put - pucikoverflow.pl -

Direct URL: http://osvdb.org/12585

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

NullSoft

ShoutCast

References

Credit