Update: icecast server in Debian GNU/Linux 2.2

Debian recommend users upgrade their icecast server in Debian GNU/Linux 2.2 as it has several security problems.

"If a client added a / after the filename of a file to be downloaded the server would crash. By escaping dots as %2E it was possible to circumvent security measures and download arbitrary files. There were several buffer overflows that could be exploited to gain root access."

More information can be found at http://www.debian.org/security/2001/dsa-089.

Join the newsletter!

Error: Please check your email address.

More about Debian

Show Comments