ID de Prueba:	1.3.6.1.4.1.25623.1.0.52518
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: icecast
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: icecast CVE-2002-0177 Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client. CVE-2001-1230 Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. CVE-2001-1229 Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. CVE-2001-1083 Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash). CVE-2001-0784 Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-0177 BugTraq ID: 4415 http://www.securityfocus.com/bid/4415 Bugtraq: 20020402 icecast 1.3.11 remote shell/root exploit - #temp (Google Search) http://marc.info/?l=bugtraq&m=101780890326179&w=2 Bugtraq: 20020403 Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!) (Google Search) http://marc.info/?l=bugtraq&m=101786838300906&w=2 Bugtraq: 20020404 Full analysis of multiple remotely exploitable bugs in Icecast 1.3.11 (Google Search) http://marc.info/?l=bugtraq&m=101793704306035&w=2 CERT/CC vulnerability note: VU#596387 http://www.kb.cert.org/vuls/id/596387 Common Vulnerability Exposure (CVE) ID: CVE-2001-1230 Bugtraq: 20010313 More Icecast remote vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=98455723123298&w=2 Debian Security Information: DSA-089 (Google Search) http://www.debian.org/security/2001/dsa-089 http://www.redhat.com/support/errata/RHSA-2002-063.html Common Vulnerability Exposure (CVE) ID: CVE-2001-1229 Bugtraq: 20010312 Icecast / Libshout remote vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=98438880622976&w=2 Conectiva Linux advisory: CLA-2001:387 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000387 Common Vulnerability Exposure (CVE) ID: CVE-2001-1083 BugTraq ID: 2933 http://www.securityfocus.com/bid/2933 Bugtraq: 20010626 Advisory (Google Search) http://www.securityfocus.com/archive/1/193516 Caldera Security Advisory: CSSA-2002-020.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-020.0.txt http://www.icecast.org/index.html http://www.redhat.com/support/errata/RHSA-2001-105.html XForce ISS Database: icecast-http-remote-dos(6751) https://exchange.xforce.ibmcloud.com/vulnerabilities/6751 Common Vulnerability Exposure (CVE) ID: CVE-2001-0784 BugTraq ID: 2932 http://www.securityfocus.com/bid/2932 http://archives.neohapsis.com/archives/bugtraq/2001-06/0353.html http://www.osvdb.org/1883 XForce ISS Database: icecast-dot-directory-traversal(6752) https://exchange.xforce.ibmcloud.com/vulnerabilities/6752
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.