AOH :: HP Unsorted S :: B06-2822.HTM

Shoutcast servers script injection



bug of script injection in shoutcast servers
bug of script injection in shoutcast servers



Vulnerable Systems:
All shoutcast servers!!

I found an error in shoutcast server.
 Then I'm connecting to the server I type in the DJ columns( you can type in all columns) for exmple script pvz.:


or else...
So then you go to http://radio.com:port and will be executed script.



Mantas Jadzevičius a.k.a UZUZZ
mantasjadzevicius@vecro.lt
irc: irc.data.lt #security
2006

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.