FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

shoutcast -- cross-site scripting, information exposure

Affected packages
linux-shoutcast < 1.9.7
shoutcast < 1.9.7

Details

VuXML ID 67dbe99f-0f09-11db-94f8-00e029485e38
Discovery 2006-06-09
Entry 2006-07-11

Goober's advisory reports reports that shoutcast is vulnerable to an arbitrary file reading vulnerability:

Impact of the vulnerability depends on the way the product was installed. In general, the vulnerability allows the attacker to read any file which can be read by the Shoutcast server process.

References

CVE Name CVE-2006-3007
URL http://people.ksp.sk/~goober/advisory/001-shoutcast.html
URL http://secunia.com/advisories/20524/