Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2001-2018 Tenable Network Security, Inc.ICECAST_OVERFLOW.NASL
HistoryJan 24, 2001 - 12:00 a.m.

Icecast utils.c fd_write Function Format String

2001-01-2400:00:00
This script is Copyright (C) 2001-2018 Tenable Network Security, Inc.
www.tenable.com
11

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.043

Percentile

92.3%

JSON

The remote server claims to be running Icecast 1.3.7 or 1.3.8beta2.

These versions are vulnerable to a format string attack that could allow an attacker to execute arbitrary commands on this host.

#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");

if(description)
{
 script_id(10600);
 script_version ("1.25");

 script_cve_id("CVE-2001-0197");
 script_bugtraq_id(2264);
 
 script_name(english:"Icecast utils.c fd_write Function Format String");
 
 script_set_attribute(attribute:"synopsis", value:
"The remote host is vulnerable to a remote code execution attack." );
 script_set_attribute(attribute:"description", value:
"The remote server claims to be running Icecast 1.3.7 or 1.3.8beta2.

These versions are vulnerable to a format string attack that could
allow an attacker to execute arbitrary commands on this host." );
 script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2001/Jan/323" );
 script_set_attribute(attribute:"solution", value:
"There is no known solution at this time." );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:U/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");

 script_set_attribute(attribute:"plugin_publication_date", value: "2001/01/24");
 script_set_attribute(attribute:"vuln_publication_date", value: "2001/01/22");
 script_cvs_date("Date: 2018/11/15 20:50:25");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();
 
 script_summary(english:"Icecast format string");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2001-2018 Tenable Network Security, Inc.");
 script_family(english:"Web Servers");
 script_dependencie("http_version.nasl");
 script_require_ports("Services/www", 8000);

 exit(0);
}

#
# The script code starts here
#

include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

port = get_http_port(default:8000);

banner = tolower(get_http_banner(port:port));
if ( ! banner ) exit(0);

if("icecast/" >< banner && egrep(pattern:"icecast/1\.3\.(7|8 *beta[012])", string:banner))
      security_hole(port);

Related

cve 1
cvelist 1
nvd 1
exploitdb 1
nessus 1
cve
cve
CVE-2001-0197
2001-05-07 04:00:00
cvelist
cvelist
CVE-2001-0197
2001-05-07 04:00:00
nvd
nvd
CVE-2001-0197
2001-03-26 05:00:00
exploitdb
exploitdb
Icecast 1.3.7/1.3.8 - &#039;print_client()&#039; Format String
2001-01-21 00:00:00
nessus
nessus
Debian DSA-089-2 : icecast-server - remote root exploit (and others)
2004-09-29 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.043

Percentile

92.3%

JSON
Related for ICECAST_OVERFLOW.NASL
cve1cvelist1nvd1exploitdb1nessus1