Vulnerabilities > CVE-2002-1470 - Information Disclosure vulnerability in Nullsoft Shoutcast Server 1.8.9
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |