Remote Root Exploit in ice-cast server

To: "Jeremy C. Reed" <reed@wcug.wwu.edu>, <debian-isp@lists.debian.org>, <debian-security@lists.debian.org>
Subject: Remote Root Exploit in ice-cast server
From: "Andrew Tait" <debian@cnl.com.au>
Date: Tue, 27 Nov 2001 14:25:27 +1100
Message-id: <[🔎] 003001c176f3$2e8e1b00$034e15cb@cnl.com.au>
References: <Pine.BSO.4.21.0111260920010.14583-100000@sloth.wcug.wwu.edu>

>From the changelog of the woody package:

icecast-server (1:1.3.8.beta2-5) unstable; urgency=high
  Closes: #83527
  * Security vulnerability http://lwn.net/2001/0125/a/sec-icecast.php3 fixed

Andrew Tait
System Administrator
Country NetLink Pty, Ltd
E-Mail: andrewt@cnl.com.au
WWW: http://www.cnl.com.au
30 Bank St Cobram, VIC 3644, Australia
Ph: +61 (03) 58 711 000
Fax: +61 (03) 58 711 874

"It's the smell! If there is such a thing." Agent Smith - The Matrix


----- Original Message -----
From: "Jeremy C. Reed" <reed@wcug.wwu.edu>
To: "Andrew Tait" <debian@cnl.com.au>
Sent: Tuesday, November 27, 2001 4:21 AM
Subject: Re: Real Server


> On Mon, 26 Nov 2001, Andrew Tait wrote:
>
> > I just noticed that the stable icecast-server debian package has a major
> > security problem!
> >
> > I have e-mailed the debain security list with more details.
>
> It appears you didn't start your own thread -- but replied to another
> debian-security posting. Hopefully, it is not missed/overlooked.
>
> In addition, your root exploit is not shown. How can anyone test or verify
> this?
>
>   Jeremy C. Reed
> ...................................................
>      BSD software, documentation, resources, news...
>      http://bsd.reedmedia.net/
>
>

Reply to:

Prev by Date: PAM questions
Next by Date: [OT] resctrict ssh to localnet for some users but not for others.
Previous by thread: PAM questions
Next by thread: [OT] resctrict ssh to localnet for some users but not for others.
Index(es):
- Date
- Thread