Rule: 

--
Sid: 
8702

-- 
Summary: 
This event is generated when an attempt is made to exploit a known vulnerability in an IceCast server.

-- 
Impact: 
Serious. Code execution is possible.

--
Detailed Information:
The IceCast HTTP server suffers from a programming error that may allow a remote attacker to overflow a fixed length buffer and execute code of their choosing on an affected host in the context of the user running the service.

The problem arises when the server attempts to parse a long user-supplied HTTP version header.

--
Affected Systems:
IceCast 2.0.1 and prior

--
Attack Scenarios: 
An attacker would need to supply a long HTTP version to the affected server.

-- 
Ease of Attack: 
Simple.

-- 
False Positives:
None known.

--
False Negatives:
None known.

-- 
Corrective Action: 
Apply the appropriate vendor supplied patches.

Upgrade to the latest non-affected version of the software.

--
Contributors:
Sourcefire Vulnerability Research Team

-- 
Additional References:


--
