Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nullsoft SHOUTcast文件请求远程格式串处理漏洞
Vulnerability Description
Nullsoft SHOUTcast Server是一款用于广播流声讯系统的服务器程序,可使用在多种Linux和Unix操作系统下,也可以使用在Microsoft Windows操作系统下。 Nullsoft SHOUTcast Server在处理客户提交的文件请求时存在问题,远程攻击者可以利用这个漏洞以进程权限在系统上执行任意指令。 提交一个包含格式串文件名的请求给SHOUTcast Server,由于sprintf()函数不正确过滤,可导致格式串问题,精心构建提交数据可能以进程权限在系统上执行任意指令
CVSS Information
N/A
Vulnerability Type
N/A