Icecast : Security Vulnerabilities, CVEs, Published In 2014
Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.
Max CVSS
4.6
EPSS Score
0.04%
Published
2014-12-10
Updated
2014-12-11
Icecast before 2.4.1 transmits the output of the on-connect script, which might allow remote attackers to obtain sensitive information, related to shared file descriptors.
Max CVSS
5.0
EPSS Score
1.98%
Published
2014-12-03
Updated
2017-09-08
2 vulnerabilities found