|Category:||CGI abuses : XSS|
|Title:||Icecast Status Display XSS Vulnerability|
The installed version of IceCast, according to the version
number, is vulnerable to a cross-site scripting (XSS) vulnerability
as a result of improperly sanitized user-supplied input. This
can, as an example, result in the theft of cookie-based authentication
Versions up to and including 1.3.12 are known to be vulnerable.
Solution : Upgrade to 1.3.13 or later.
Risk factor : Medium
BugTraq ID: 11021|
Common Vulnerability Exposure (CVE) ID: CVE-2004-0781
Debian Security Information: DSA-541 (Google Search)
XForce ISS Database: icecast-list-useragent-xss(17086)
|Copyright||Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.