CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
92.9%
Icecast before 2.4.2, when a stream_auth handler is defined for URL
authentication, allows remote attackers to cause a denial of service (NULL
pointer dereference and crash) via a request without login credentials, as
demonstrated by a request to “admin/killsource?mount=/test.ogg.”