CVE-2006-3534

Directory traversal vulnerability in Nullsoft SHOUTcast DSP before 1.9.6 filters directory traversal sequences before decoding, which allows remote attackers to read arbitrary files via encoded dot dot (%2E%2E) sequences in an HTTP GET request for a file path containing "/content".
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:nullsoft:shoutcast_server:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.8.3:*:win32:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.9.2:*:win32:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.8.9:*:linux:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.8.9:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.8.9:*:freebsd:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.9.4:*:linux:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.9.4:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.8.9:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.9.4:*:win32:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.9.5:*:win32:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.8.9:*:win32:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.9.5:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.7.1:*:linux:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.9.5:*:linux:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.8.9:*:solaris:*:*:*:*:*
cpe:2.3:a:nullsoft:shoutcast_server:1.8.2:*:*:*:*:*:*:*

Information

Published : 2006-07-12 14:05

Updated : 2011-03-07 18:38


NVD link : CVE-2006-3534

Mitre link : CVE-2006-3534


JSON object : View

Advertisement

dedicated server usa

Products Affected

nullsoft

  • shoutcast_server