What is CVE-2018-18820?

CVE-2018-18820 is a vulnerability in N/a. Published 2018-11-05.

Is CVE-2018-18820 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-18820

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to…

EPSS: 0.627 (98.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

impulsiveness/CVE-2018-18820

References

1042019 (vdb-entry, x_refsource_SECTRACK)
GLSA-201811-09 (vendor-advisory, x_refsource_GENTOO)
[debian-lts-announce] 20181126 [SECURITY] [DLA-1588-1] icecast2 security update (mailing-list, x_refsource_MLIST)
[oss-security] 20181101 Icecast 2.4.4 - CVE-2018-18820 - buffer overflow in url-auth (mailing-list, x_refsource_MLIST)
DSA-4333 (vendor-advisory, x_refsource_DEBIAN)

Frequently asked questions

What is CVE-2018-18820?: CVE-2018-18820 is a vulnerability in N/a. Published 2018-11-05.
Is CVE-2018-18820 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.