Debian Security Advisory 3239-1

Debian Security Advisory 3239-1: Posted Apr 30, 2015; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3239-1 - Juliane Holzt discovered that Icecast2, a streaming media server, could dereference a NULL pointer when URL authentication is configured and the stream_auth URL is triggered by a client without setting any credentials. This could allow remote attackers to cause a denial of service (crash).; tags | advisory, remote, denial of service; systems | linux, debian; advisories | CVE-2015-3026; SHA-256 | 4a3db4dabf12e50966deed1f99fdeeca7e0401d11acb6dd03eea93d80cf91dae; Download | Favorite | View

Debian Security Advisory 3239-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3239-1                   security@debian.org
http://www.debian.org/security/                        Alessandro Ghedini
April 29, 2015                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : icecast2
CVE ID         : CVE-2015-3026
Debian Bug     : 782120

Juliane Holzt discovered that Icecast2, a streaming media server, could
dereference a NULL pointer when URL authentication is configured and the
stream_auth URL is trigged by a client without setting any credentials.
This could allow remote attackers to cause a denial of service (crash).

For the stable distribution (jessie), this problem has been fixed in
version 2.4.0-1.1+deb8u1.

For the testing distribution (stretch), this problem will be fixed in
version 2.4.2-1.

For the unstable distribution (sid), this problem has been fixed in
version 2.4.2-1.

We recommend that you upgrade your icecast2 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVQQ1rAAoJEK+lG9bN5XPLZdcP/iH833w2AZr2b7IPQmg/YJBJ
f3D7Rvfi9MnKXQQLBI1RUlxa/xf2k954/qcCwJ5xPJSToB0I3S9GDtnR1Mzebh6Q
7oKGPzsafElJVEJa9Rx7RJW9lZ4lfEBqdVySAgBe3Wl8Zq5TduOQmto4E5yFcjlF
awQRbzMimxz29NufTl9LccIa3M3qM/CQPkdQS7N95x/8gJx7rk5MLkwdopK/n8YV
CY9S0u7a73k7imXw8tJs1JoWwZYIG2jTePOPw1TgjubZbzY6ig2dWb+2xLA1VugP
7xoCUzOt6Ob/5rveJ2+5MSoMTKzqbUPLHUfJT1rYjecKt9monzooK4WdbAYGCsdB
sZ19SAUy6+kElcOaG7Cp1SdKqAf79BfNfp7c2FgrLzXa6t4sxaD6wmvSqdGWykcc
A1asYtRLjiN7jVPFxsPpVjPZWBdIN2qozKcn9qHHBKbPeKYcIdaya8JObdTK3KBx
/Lj6p7EE6lfqMlzi8FPQoEeZv7UNTHClAciI5Tio62czpFk37cOtFk6mZXnvHeZk
BkbWXUkmqUCAP7DaMpv+DCHGpfKVNK0KsaGo5SGrwMBtzZRn1ZO46r5hIZgKtKLP
bhfcmlDk/fIi0Bak2sqvO67AkevOF+4VWvwCjsBLWJxSxgCtfGq+CRv3BiVC5qu6
DJO8tLksQoHjEe8defPL
=dsVn
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 250 files
indoushka 146 files
Ubuntu 86 files
Gentoo 32 files
Debian 21 files
LiquidWorm 14 files
Apple 11 files
malvuln 8 files
Google Security Research 7 files
verylazytech 4 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,140)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,531)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,026)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,914)
UNIX (9,469)
UnixWare (188)
Windows (6,784)
Other

Debian Security Advisory 3239-1

Debian Security Advisory 3239-1

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 3239-1

Share This

Debian Security Advisory 3239-1

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems