ALT-PU-2018-2595-1
Closed vulnerabilities
Published: 2018-11-05
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-18820
A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution.
Severity: HIGH (8.1)
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- [oss-security] 20181101 Icecast 2.4.4 - CVE-2018-18820 - buffer overflow in url-auth
- [oss-security] 20181101 Icecast 2.4.4 - CVE-2018-18820 - buffer overflow in url-auth
- 1042019
- 1042019
- [debian-lts-announce] 20181126 [SECURITY] [DLA-1588-1] icecast2 security update
- [debian-lts-announce] 20181126 [SECURITY] [DLA-1588-1] icecast2 security update
- GLSA-201811-09
- GLSA-201811-09
- DSA-4333
- DSA-4333