Users login

Create an account »


Users login

Home » Hacking News » CSSA-2002-020.0-Linux: icecast buffer overflows and denial-of-service

CSSA-2002-020.0-Linux: icecast buffer overflows and denial-of-service

by Nikola Strahija on May 14th, 2002 Buffer overflows in the icecast server allow remote attackers to execute arbitrary code via a long HTTP GET request, as well as allowing denial of service attacks.

2. Vulnerable Supported Versions

System Package

OpenLinux 3.1.1 Server prior to icecast-1.3.12-1.i386.rpm

OpenLinux 3.1 Server prior to icecast-1.3.12-1.i386.rpm

3. Solution

The proper solution is to install the latest packages.

4. OpenLinux 3.1.1 Server

4.1 Package Location

4.2 Packages

83407efa0c40a9ceac02606ae37237f2 icecast-1.3.12-1.i386.rpm

4.3 Installation

rpm -Fvh icecast-1.3.12-1.i386.rpm

4.4 Source Package Location

4.5 Source Packages

d55ff1702ff28781cf097566e34c91c5 icecast-1.3.12-1.src.rpm

5. OpenLinux 3.1 Server

5.1 Package Location

5.2 Packages

acd0d312bcb7679c205eb5305d7d4585 icecast-1.3.12-1.i386.rpm

5.3 Installation

rpm -Fvh icecast-1.3.12-1.i386.rpm

5.4 Source Package Location

5.5 Source Packages

b36bf262d34fb88e9a00b695b024916e icecast-1.3.12-1.src.rpm

6. References

Specific references for this advisory:

Caldera OpenLinux security resources:

Caldera UNIX security resources:

This security fix closes Caldera incidents sr863781, fz520848
and erg712036.

7. Disclaimer

Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on this website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera products.

8. Acknowledgements

The "Packet Knights" group discovered some of these

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »