Icecast HTTP Basic Authorization Remote Overflow DoS

This script is Copyright (C) 2004-2016 Tenable Network Security, Inc.

Synopsis :

The remote media server is vulnerable to a remote denial of service

Description :

The remote server runs Icecast 2.0.0, an open source streaming audio

This version is affected by a remote denial of service.

A remote attacker could send a specially crafted URL, with a long
string passed in an Authorization header that will result in a loss
of availability for the service.

*** Nessus reports this vulnerability using only
*** information that was gathered.

See also :

Solution :

Upgrade to Icecast 2.0.1 or later, as this reportedly fixes the issue.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 15397 (icecast_http_basic_auth.nasl)

Bugtraq ID: 10311

CVE ID: CVE-2004-2027

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now