Vulnerabilities > CVE-2005-0838 - Multiple vulnerability in Icecast 2.20
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow attackers to cause a denial of service and possibly execute arbitrary code via (1) a long test value in an xsl:when tag, (2) a long test value in an xsl:if tag, or (3) a long select value in an xsl:value-of tag.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Icecast 2.x XSL Parser Multiple Vulnerabilities. CVE-2005-0838. Remote exploits for multiple platform |
| id | EDB-ID:25238 |
| last seen | 2016-02-03 |
| modified | 2005-03-18 |
| published | 2005-03-18 |
| reporter | patrick |
| source | https://www.exploit-db.com/download/25238/ |
| title | Icecast 2.x - XSL Parser Multiple Vulnerabilities |
Nessus
| NASL family | CGI abuses |
| NASL id | ICECAST_XSL_PARSER_FLAWS.NASL |
| description | The remote host is running a version of Icecast that suffers from two flaws in its XSL parser. - A Locally-Exploitable Buffer Overflow Vulnerability The XSL parser does not check the size of XSL |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 17592 |
| published | 2005-03-22 |
| reporter | This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/17592 |
| title | Icecast XSL Parser Multiple Vulnerabilities (OF, ID) |