Remote Root Exploit in ice-cast server
>From the changelog of the woody package:
icecast-server (1:1.3.8.beta2-5) unstable; urgency=high
* Security vulnerability http://lwn.net/2001/0125/a/sec-icecast.php3 fixed
Country NetLink Pty, Ltd
30 Bank St Cobram, VIC 3644, Australia
Ph: +61 (03) 58 711 000
Fax: +61 (03) 58 711 874
"It's the smell! If there is such a thing." Agent Smith - The Matrix
----- Original Message -----
From: "Jeremy C. Reed" <firstname.lastname@example.org>
To: "Andrew Tait" <email@example.com>
Sent: Tuesday, November 27, 2001 4:21 AM
Subject: Re: Real Server
> On Mon, 26 Nov 2001, Andrew Tait wrote:
> > I just noticed that the stable icecast-server debian package has a major
> > security problem!
> > I have e-mailed the debain security list with more details.
> It appears you didn't start your own thread -- but replied to another
> debian-security posting. Hopefully, it is not missed/overlooked.
> In addition, your root exploit is not shown. How can anyone test or verify
> Jeremy C. Reed
> BSD software, documentation, resources, news...