SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-03-18T05:00:00

Updated: 2024-08-08T03:26:28.646Z

Reserved: 2003-02-05T00:00:00

Link: CVE-2002-1470

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2003-04-22T04:00:00.000

Modified: 2008-09-05T20:30:41.063

Link: CVE-2002-1470

cve-icon Redhat

No data.