Icecast XSL Parser Multiple Vulnerabilities (OF, ID)

medium Nessus Plugin ID 17592

Synopsis

The remote media streaming server is affected by multiple issues.

Description

The remote host is running a version of Icecast that suffers from two flaws in its XSL parser.

- A Locally-Exploitable Buffer Overflow Vulnerability: The XSL parser does not check the size of XSL 'when', 'if', and 'value-of' tag values before copying them into a finite buffer in process memory. An attacker who can get a specially crafted XSL file placed in an Icecast folder may be able to exploit this vulnerability to execute arbitrary code.

- An Information Disclosure Vulnerability: The XSL parser fails to parse XSL files when the request ends with a dot ('.') and instead simply returns the file's contents. An attacker can exploit this to uncover sensitive information contained in XSL files.

Solution

Unknown at this time.

See Also

https://www.securityfocus.com/archive/1/393705

http://lists.xiph.org/pipermail/icecast/2005-March/008882.html

Plugin Details

Severity: Medium

ID: 17592

File Name: icecast_xsl_parser_flaws.nasl

Version: 1.23

Type: remote

Family: CGI abuses

Published: 3/22/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 3/19/2005

Reference Information

CVE: CVE-2005-0837, CVE-2005-0838

BID: 12849