Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0197Use of Externally-Controlled Format String in Icecast

6 documents6 sources
Severity
10.0CRITICALNVD
EPSS
9.5%
top 7.14%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
IcecastRedhat Linux
Timeline
PublishedMar 26
Latest updateApr 30

Description

Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDicecast/icecast1.3.8_beta2+1
NVDredhat/linux4 versions+3

Patches

Patch: archives.neohapsis.comPatch: distro.conectiva.com.brPatch: www.redhat.com

🔴Vulnerability Details

2
GHSA
GHSA-7r5h-rj9j-3ch2: Format string vulnerability in print_client in icecast 12022-04-30
CVEList
CVE-2001-0197: Format string vulnerability in print_client in icecast 12001-05-07

💥Exploits & PoCs

1
Exploit-DB
Icecast 1.3.7/1.3.8 - 'print_client()' Format String2001-01-21

📋Vendor Advisories

1
Red Hat
security flaw2001-01-21

💬Community

1
Bugzilla
CVE-2001-0197 security flaw2018-08-16
CVE-2001-0197 — Icecast vulnerability | cvebase