Last Updated: 2006-01-30 02:08:28 UTC
by Erik Fichtner (Version: 2)
On December 26, 2004, Secunia released an advisory regarding a vulnerabilty in Shoutcast. We've received a report about a few sites detecting odd log entries that fit the vulnerability description, with corresponding server crashes over the past few days. An exploit was published yesterday. The solution is to update to the latest version (v.1.9.5). The advisory is available at Secunia.
Updated to correct the original vulnerability publication date. This is an old hole, but there seem to be a number of people still running vulnerable versions. The exploit is new, and if you're running a SHOUTcast server, check your version.
The default port for SHOUTcast is 8000--Dshield shows a spike in targets on the 14th and more recently.
Dave Brookshire (http://parapet.net)