[Icecast] [Fwd: IceCast up to v2.20 multiple vulnerabilities]

Stauf stauf at freshcheese.net
Mon Mar 21 08:27:34 UTC 2005

Hash: SHA1

Michael Smith wrote:
>>1) The XSL parser has some unchecked buffers (local), but they dont seem
>>to be exploitable. If they are, they can be used for priviledge
>>escalation, under the user that the server runs.
>><xsl:when test="<lots of chars>"></xsl:when>
>><xsl:if test="<lots of chars>"></xsl:if>
>><xsl:value-of select="<lots of chars>" />
>>2) Cause XSL parser error "Could not parse XSLT file". (Not very useful).
>>GET /status.xsl> HTTP/1.0
>>GET /status.xsl< HTTP/1.0
>>GET /<status.xsl HTTP/1.0
>>3) XSL parser bypass. (Useful to steal customized XSL files, lol).
>>GET /auth.xsl. HTTP/1.0
>>GET /status.xsl. HTTP/1.0
> For what it's worth, 2) and 3) aren't reproducible with the current
> version (from svn). To my knowledge, there have been no relevant
> changes here since 2.2, I'd be very surprised if they were
> reproducible with 2.2 (or earlier?), but I don't really have the time
> to test. I still don't know what 1) is about, so I'm not sure if that
> matters.
> Mike

Well, to be perfectly blunt, when I read this "security" post on
bugtraq, I didn't know if I should laugh or cry.  I had an inkling no
one has been contacted on the list, and frankly it looks like someone is
trying to get their name on bugtraq with another uselessly vague "OMG
LOL zer0 day1@#$" worded mail.

If the poster had even included some poc code, or some suggestions about
why he precieved things to be exploits I would take it seriously. Here,
since I see nothing of the sort, I'm shrugging this one off.

Thanks for the great job guys, keep it up.
- --

| " Yesterday upon the stair I met a man who wasn't there.
|   He wasn't there again today. I wish that man would go away."
|                   <[Hughes Mearns]>
| Latest Public Key: http://www.freshcheese.net/~stauf/stauf.gpg
- -----------
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org


More information about the Icecast mailing list