Flaw in Icecast streaming media server allows to take off online Radio Stations

Icecast streaming media server is affected by a flaw that could be exploited by an attacker to take off the broadcast of online radio stations.

Icecast streaming media server is affected by a vulnerability, tracked as CVE-2018-18820, that could be exploited by an attacker to take off the broadcast of online radio stations.  Icecast supports both audio and video data and is maintained by the Xiph.org Foundation. Icecast is distributed under the GNU GPL, version 2, it can be used to create an Internet radio station or a privately running jukebox and many things in between.

The vulnerability was discovered by a researcher at the Semmle Security Research Team using LGTM, a software that analyzes checks code for vulnerabilities.

“I spotted a vulnerability in Icecast, the open source streaming media server maintained by the Xiph.org Foundation.” reads the security advisory.

“Attackers could craft HTTP headers that would overwrite the server’s stack contents, leading to remote code execution. Since Icecast is commonly used to host internet radio stations, a motivated attacker could potentially take a station off air.”

The flaw affects Icecast servers running versions 2.4.0 to 2.4.3 and using URL authentication.

The expert developed a proof-of-concept exploit that caused a segmentation fault in the server process triggering a DoS condition. The expert pointed out that further efforts could allow a persistent attacker to achieve full-blown remote code execution of the vulnerable system.

The experts at Xiph promptly patched the flaw with a minimum effort and a smart solution.

“The folks at Xiph patched the bug quickly, and the fix is pretty simple. It simply checks the return value from snprintf, and, if it causes post_offset to point beyond the end of the buffer, it logs an error and exits the loop.” continues the advisory. 

Users should upgrade their installs to version 2.4.4 as soon as possible.

Technical details of the vulnerability are included in the post published by Nick Rolfe from of Semmle Security Research Team.

Pierluigi Paganini

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.


10th Anniversary Exclusive Top 100 CISO Conference & Innovators Showcase