Vulnerabilities > CVE-2001-1304 - Denial-Of-Service vulnerability in Nullsoft Shoutcast Server 1.8.2

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

nullsoft

nessus

NVD

Published: 2001-08-03

Updated: 2008-09-05

Summary

Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header.

Vulnerable Configurations

Part	Description	Count
Application	Nullsoft Nullsoft Shoutcast Server 1.8.2	1

Nessus

NASL family	CGI abuses
NASL id	SHOUTCAST_VERSION.NASL
description	The remote host is running SHOUTcast Server, a streaming audio server from Nullsoft. According to its banner, the installed version of SHOUTcast server will reportedly crash when it receives several HTTP requests with overly long User-Agent and/or Host request headers.
last seen	2020-06-02
modified	2001-08-13
plugin id	10717
published	2001-08-13
reporter	This script is Copyright (C) 2005-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/10717
title	SHOUTcast Server User-Agent / Host Header DoS
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(10717); script_version("1.27"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/01"); script_cve_id("CVE-2001-1304"); script_name(english:"SHOUTcast Server User-Agent / Host Header DoS"); script_summary(english:"Checks for User-Agent / Host header denial of service vulnerability in SHOUTcast Server"); script_set_attribute(attribute:"synopsis", value: "The remote streaming audio server is prone to a denial of service attack."); script_set_attribute(attribute:"description", value: "The remote host is running SHOUTcast Server, a streaming audio server from Nullsoft. According to its banner, the installed version of SHOUTcast server will reportedly crash when it receives several HTTP requests with overly long User-Agent and/or Host request headers."); script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2001/Aug/57"); script_set_attribute(attribute:"solution", value:"Unknown at this time."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"vuln_publication_date", value:"2001/08/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2001/08/13"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:nullsoft:shoutcast_server"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"CGI abuses"); script_copyright(english:"This script is Copyright (C) 2005-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencie("http_version.nasl"); script_require_ports("Services/www", 8000); exit(0); } include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); port = get_http_port(default: 8000); w = http_send_recv3(method:"GET", item:"/stream/0", port:port); if (isnull(w)) exit(1, "The web server on port "+port+ " did not answer"); res = strcat(w[0], w[1], '\r\n', w[2]); # There's a problem if the version is 1.8.2 or lower. if (egrep(pattern:"SHOUTcast Distributed Network Audio Server.v(0\..\|1\.([0-7]\..*\|8\.[0-2]))[^0-9]", string:res)) { security_warning(port); exit(0); }

Summary

Vulnerable Configurations

Nessus

References