VULHUB ™

Icecast is an open source audio-streaming server for both Unix and Microsoft Windows systems. Icecast does not sufficiently sanitize user-supplied input, or sanely handle unexpected input. Upon receiving a request from a user for a file that ends with a slash or period, the server will crash. The behaviour occurs when the remote attacker adds an '/', '\' or '.' to the end the URL they craft to request the file. The request of an existing file is not necessary, as the Icecast server will fail regardless.

Icecast is an open source audio-streaming server for both Unix and Microsoft Windows systems. Icecast does not sufficiently sanitize user-supplied input, or sanely handle unexpected input. Upon receiving a request from a user for a file that ends with a slash or period, the server will crash. The behaviour occurs when the remote attacker adds an '/', '\' or '.' to the end the URL they craft to request the file. The request of an existing file is not necessary, as the Icecast server will fail regardless.