Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1470


Vulnerability Score 2.1 2.1
CVE Id CVE-2002-1470
Last Modified 05 Sep 2008 04:30:41
Published 22 Apr 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file.

Vulnerable Systems


  • Nullsoft Shoutcast Server 1.8.9


BID - 5414

BUGTRAQ - 20020806 Fate Research Labs Advisory: Retrieve SHOUTcast Admin Password Through GET /

XF - shoutcast-scservlog-world-readable(9775)

Last Updated: 27 May 2016 10:37:20