Icecast HTTP Header Processing Remote Overflow

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.


Synopsis :

The remote web server is prone to a buffer overflow attack.

Description :

The remote web server runs Icecast version 2.0.1 or older. Such
versions are affected by an HTTP header buffer overflow vulnerability
that may allow an attacker to execute arbitrary code on the remote
host with the privileges of the Icecast server process.

To exploit this flaw, an attacker needs to send 32 HTTP headers to the
remote host to overwrite a return address on the stack.

See also :

http://aluigi.altervista.org/adv/iceexec-adv.txt
http://archives.neohapsis.com/archives/bugtraq/2004-09/0366.html
http://lists.xiph.org/pipermail/icecast/2004-September/007614.html

Solution :

Upgrade to Icecast 2.0.2 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 14843 (icecast_http_header_overflow.nasl)

Bugtraq ID: 11271

CVE ID: CVE-2004-1561