Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1373

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-1373
Last Modified 05 Sep 2008 04:41:10
Published 23 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1373

Summary

Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.

Vulnerable Systems

Application

  • Nullsoft Shoutcast Server 1.9.4


References

XF - shoutcast-format-string(18669)

BID - 12096

GENTOO - GLSA-200501-04

SECTRACK - 1012675

BUGTRAQ - 20050219 exwormshoucast part of PTjob project: SHOUTcast v1.9.4 remote

BUGTRAQ - 20041223 SHOUTcast remote format string vulnerability


Last Updated: 27 May 2016 10:39:00