
Icecast Directory Traversal Vulnerability


Published: 2001-12-06
Updated: 2001-12-06
Severity:
Threat: remote unauthorized file access
Error type: input validation error
Exploitation: server mode

Affected Systems
Icecast Icecast 1.0.0
   - Debian Linux 2.2
   - Debian Linux 2.2 68k
   - Debian Linux 2.2 alpha
   - Debian Linux 2.2 arm
   - Debian Linux 2.2 powerpc
   - Debian Linux 2.2 sparc
Icecast Icecast 1.3.7
   - Microsoft Windows 2000 Advanced Server
   - Microsoft Windows 2000 Advanced Server SP1
   - Microsoft Windows 2000 Advanced Server SP2
   - Microsoft Windows 2000 Professional
   - Microsoft Windows 2000 Professional SP1
   - Microsoft Windows 2000 Professional SP2
   - Microsoft Windows 2000 Server
   - Microsoft Windows 2000 Server SP1
   - Microsoft Windows 2000 Server SP2
Icecast Icecast 1.3.8 beta2
Description
Icecast is a streaming audio server that runs on UNIX and Windows.

Icecast does not properly filter the URLs it receives. Specially crafted characters in a request can escape the web root directory restriction, allowing a remote attacker to read arbitrary files with the privileges of the Icecast server process.

Test Code
http://localhost:8000/file/../test1.mp3 does not return the MP3 file, whereas
http://localhost:8000/file/%2E%2E/test1.mp3 does.
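The test above shows the classic failure mode: the server rejects a literal `..` but never decodes `%2E%2E` before checking. The following is an added example written for this page; it is not Icecast code and not from the original advisory. It places a naive check of the kind the advisory implies next to a hardened one that percent-decodes first and then inspects each path segment. The function names `naive_is_safe`, `url_decode` and `hardened_is_safe` are hypothetical, and both checks take the request path (the part after the host and port), not the full URL.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Weak check (hypothetical, modelled on the advisory): scans the raw
 * request path for a literal "..".  "/file/../test1.mp3" is refused,
 * but "/file/%2E%2E/test1.mp3" passes because the dots arrive encoded. */
int naive_is_safe(const char *raw_path)
{
    return strstr(raw_path, "..") == NULL;
}

/* Decode one level of %XX percent-encoding into out (capacity outlen).
 * Returns 0 on success, -1 on a malformed escape, an encoded NUL byte
 * (%00, which would silently truncate the path) or an oversized result. */
int url_decode(const char *in, char *out, size_t outlen)
{
    size_t o = 0;
    for (size_t i = 0; in[i] != '\0'; i++) {
        if (o + 1 >= outlen)
            return -1;
        if (in[i] == '%') {
            if (!isxdigit((unsigned char)in[i + 1]) ||
                !isxdigit((unsigned char)in[i + 2]))
                return -1;
            char hex[3] = { in[i + 1], in[i + 2], '\0' };
            long val = strtol(hex, NULL, 16);
            if (val == 0)
                return -1;
            out[o++] = (char)val;
            i += 2;
        } else {
            out[o++] = in[i];
        }
    }
    out[o] = '\0';
    return 0;
}

/* Hardened check (hypothetical): decode first, then inspect segments.
 * Rejects any segment equal to "..", any backslash (a path separator on
 * the Windows builds listed above), and any '%' that survives one round
 * of decoding, so a double-encoded "%252E" cannot be decoded later by
 * another layer into a traversal. */
int hardened_is_safe(const char *raw_path)
{
    char decoded[1024];
    if (url_decode(raw_path, decoded, sizeof decoded) != 0)
        return 0;
    if (strchr(decoded, '%') != NULL || strchr(decoded, '\\') != NULL)
        return 0;

    const char *seg = decoded;
    for (;;) {
        const char *end = strchr(seg, '/');
        size_t len = end ? (size_t)(end - seg) : strlen(seg);
        if (len == 2 && seg[0] == '.' && seg[1] == '.')
            return 0;
        if (end == NULL)
            break;
        seg = end + 1;
    }
    return 1;
}

int main(void)
{
    /* Constructed request paths, taken from the advisory's test URLs. */
    const char *paths[] = { "/file/../test1.mp3", "/file/%2E%2E/test1.mp3" };
    for (size_t i = 0; i < 2; i++)
        printf("%-26s naive=%d hardened=%d\n", paths[i],
               naive_is_safe(paths[i]), hardened_is_safe(paths[i]));
    return 0;
}
```

The order of operations is the whole point: canonicalize (decode, then split) before comparing, never the other way round, and treat anything that still looks encoded after one decoding pass as hostile rather than trying to guess how many times to decode it.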

Solution
Download the patch:

Icecast Icecast 1.0.0:

Debian Upgrade 2.2 alpha icecast-server_1.3.10-1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/icecast-server_1.3.10-1_alpha.deb

Debian Upgrade 2.2 arm icecast-server_1.3.10-1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/icecast-server_1.3.10-1_arm.deb

Debian Upgrade 2.2 i386 icecast-server_1.3.10-1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/icecast-server_1.3.10-1_i386.deb

Debian Upgrade 2.2 m68k icecast-server_1.3.10-1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/icecast-server_1.3.10-1_m68k.deb

Debian Upgrade 2.2 ppc icecast-server_1.3.10-1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/icecast-server_1.3.10-1_powerpc.deb

Debian Upgrade 2.2 sparc icecast-server_1.3.10-1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/icecast-server_1.3.10-1_sparc.deb

Related Information
gollum <gollum@evilemail.com>
Reference: http://www.securityfocus.com/archive/1/193516