Vendor: Icecast
By: Unknown
CVSS: 7.5 HIGH
Denial of Service
CWE: 20
Product Name: Icecast
Affected Version From: All versions of Icecast prior to the fix
Affected Version To: All versions of Icecast prior to the fix
Patch Exists: NO
Related CWE: CVE-2001-0525
CPE: a:xiph.org:icecast_server
Platforms Tested: Unix, Microsoft Windows
2001

Icecast Denial of Service Vulnerability

Icecast audio-streaming server does not properly sanitize user-supplied input, allowing remote attackers to cause a denial of service (crash) by adding a slash, backslash, or period to the end of a crafted URL.

Mitigation:

Apply vendor patches or updates to address the vulnerability. Alternatively, implement input validation to sanitize user-supplied input.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2933/info

Icecast is an open source audio-streaming server for both Unix and Microsoft Windows systems.

Icecast does not sufficiently sanitize user-supplied input, or sanely handle unexpected input. Upon receiving a request from a user for a file that ends with a slash or period, the server will crash. The behaviour occurs when the remote attacker adds a '/', '\' or '.' to the end of the URL they craft to request the file. The requested file does not need to exist, as the Icecast server will fail regardless.

http://localhost:8000/file//

NOTE: File is interpreted by Icecast as the 'root' directory and anything after 'file/' indicates the file request. The character '/' triggers the denial of service.
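
The input validation suggested under Mitigation can be applied in front of the server or used to review captured request lines. The following is an added example, not code from Icecast or from the original advisory: it flags requests under 'file/' whose requested name ends in one of the three characters named above. The function names and sample lines are constructed for illustration, and decoding percent-escapes before the check is a conservative assumption, since the advisory does not say how Icecast treats them.

```python
from urllib.parse import unquote, urlsplit

FILE_PREFIX = "/file/"            # per the NOTE: text after 'file/' is the file request
TRIGGER_CHARS = ("/", "\\", ".")  # trailing characters named in the advisory


def requested_file(request_line):
    """Return the decoded file part of a 'METHOD target HTTP/x' line, or None."""
    parts = request_line.strip().split()
    if len(parts) < 2:
        return None  # not a well-formed request line
    # urlsplit accepts both origin-form (/file/x) and absolute-form targets
    # and drops any query string; unquote normalises percent-escapes
    # (assumption: escaped forms are treated like the literal characters).
    path = unquote(urlsplit(parts[1]).path)
    if not path.startswith(FILE_PREFIX):
        return None
    return path[len(FILE_PREFIX):]


def is_suspicious(request_line):
    """True when the requested file name ends with '/', '\\' or '.'."""
    name = requested_file(request_line)
    return bool(name) and name.endswith(TRIGGER_CHARS)


def scan(lines):
    """Return the request lines a filter should reject or an analyst should review."""
    return [line for line in lines if is_suspicious(line)]


# Constructed sample request lines (not taken from a real capture).
SAMPLE = [
    "GET /file/stream.mp3 HTTP/1.0",
    "GET /file// HTTP/1.0",
    "GET /file/stream.mp3. HTTP/1.0",
    "GET /file/stream%5C HTTP/1.0",
    "GET http://localhost:8000/file/stream/ HTTP/1.0",
    "GET /file/ HTTP/1.0",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print("reject:", hit)
```

A front-end proxy would answer flagged requests itself instead of forwarding them to the unpatched server.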