What is the severity of CVE-2015-3026?

CVE-2015-3026 has a severity rating that indicates a risk of denial of service due to NULL pointer dereference.

How do I fix CVE-2015-3026?

To fix CVE-2015-3026, upgrade Icecast to version 2.4.2 or later.

What versions of Icecast are affected by CVE-2015-3026?

Icecast versions prior to 2.4.2, including 2.4.0 and earlier, are affected by CVE-2015-3026.

Can CVE-2015-3026 be exploited remotely?

Yes, CVE-2015-3026 can be exploited remotely through a request without login credentials.

What type of attack does CVE-2015-3026 represent?

CVE-2015-3026 represents a denial of service attack that causes server crashes.

Vulnerability/
CVE-2015-3026

medium

CWE

476

8/4/2015

29/4/2015

6/8/2024

CVE-2015-3026: Null Pointer Dereference

First published: Wed Apr 08 2015(Updated: )

Icecast before 2.4.2, when a stream_auth handler is defined for URL authentication, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request without login credentials, as demonstrated by a request to "admin/killsource?mount=/test.ogg."

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
debian/icecast2	<=2.3.3-1<=2.4.0-1.1	2.4.2-1 2.4.0-1.1+deb8u1
debian/icecast2		2.4.4-4
Icecast	<=2.4.1
Debian	=8.0
SUSE Linux	=13.1
SUSE Linux	=13.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-3026?
CVE-2015-3026 has a severity rating that indicates a risk of denial of service due to NULL pointer dereference.
How do I fix CVE-2015-3026?
To fix CVE-2015-3026, upgrade Icecast to version 2.4.2 or later.
What versions of Icecast are affected by CVE-2015-3026?
Icecast versions prior to 2.4.2, including 2.4.0 and earlier, are affected by CVE-2015-3026.
Can CVE-2015-3026 be exploited remotely?
Yes, CVE-2015-3026 can be exploited remotely through a request without login credentials.
What type of attack does CVE-2015-3026 represent?
CVE-2015-3026 represents a denial of service attack that causes server crashes.

agent/type
agent/first-publish-date
agent/author
agent/weakness
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/debian-bugs
source/Debian
alias/CVE-2015-3026
agent/software-canonical-lookup
collector/security-tracker-debian
agent/references
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
package-manager/debian
vendor/xiph
canonical/icecast
version/icecast/2.4.1
vendor/debian
canonical/debian
version/debian/8.0
vendor/opensuse
canonical/suse linux
version/suse linux/13.1
version/suse linux/13.2

Frequently Asked Questions

What is the severity of CVE-2015-3026?
CVE-2015-3026 has a severity rating that indicates a risk of denial of service due to NULL pointer dereference.
How do I fix CVE-2015-3026?
To fix CVE-2015-3026, upgrade Icecast to version 2.4.2 or later.
What versions of Icecast are affected by CVE-2015-3026?
Icecast versions prior to 2.4.2, including 2.4.0 and earlier, are affected by CVE-2015-3026.
Can CVE-2015-3026 be exploited remotely?
Yes, CVE-2015-3026 can be exploited remotely through a request without login credentials.
What type of attack does CVE-2015-3026 represent?
CVE-2015-3026 represents a denial of service attack that causes server crashes.

CVE-2015-3026: Null Pointer Dereference

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-3026?

How do I fix CVE-2015-3026?

What versions of Icecast are affected by CVE-2015-3026?

Can CVE-2015-3026 be exploited remotely?

What type of attack does CVE-2015-3026 represent?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-3026?

How do I fix CVE-2015-3026?

What versions of Icecast are affected by CVE-2015-3026?

Can CVE-2015-3026 be exploited remotely?

What type of attack does CVE-2015-3026 represent?