Описание
Icecast before 2.4.2, when a stream_auth handler is defined for URL authentication, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request without login credentials, as demonstrated by a request to "admin/killsource?mount=/test.ogg."
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 2.4.2-1 |
| devel | not-affected | 2.4.2-1 |
| esm-apps/bionic | not-affected | 2.4.2-1 |
| esm-apps/xenial | not-affected | 2.4.2-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [2.3.3-2ubuntu1.14.04.1]] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | released | 2.3.3-2ubuntu1.14.04.1 |
Показывать по
5 Medium
CVSS2
Связанные уязвимости
Icecast before 2.4.2, when a stream_auth handler is defined for URL authentication, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request without login credentials, as demonstrated by a request to "admin/killsource?mount=/test.ogg."
Icecast before 2.4.2, when a stream_auth handler is defined for URL au ...
Icecast before 2.4.2, when a stream_auth handler is defined for URL authentication, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request without login credentials, as demonstrated by a request to "admin/killsource?mount=/test.ogg."
5 Medium
CVSS2