[icecast] Full analysis of the remotely exploitable icecast 1.3.x bugs
carl at personnelware.com
Mon Apr 8 18:00:20 PDT 2002
> Oh and in response to the "I know how to get passwords on a default install".
> Isn't that just doable by going to http://example.icecast.server:8000/admin
> right after a default install?
Correct. I tried it on one other server, got the list of sets, reported it, and have yet to find a 3rd server. after about the 5th
attempt, I gave up trying.
<p>--- >8 ----
List archives: http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to 'icecast-request at xiph.org'
containing only the word 'unsubscribe' in the body. No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.
More information about the Icecast