CVE-2004-1561
CVE-2004-1561
Vexday Risk Score
60Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Popular PoC on GitHub (7 stars) — exploitation code widely available.
CVSS —EPSS 78.3%KEV nãoPoC públicaNuclei —Metasploit simPatch —
Lifecycle
28 Sep 2004Metasploit module available
06 Oct 2004Public PoC
20 Feb 2005Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers.
Affected products
n/a · n/apublic PoCs found — 9
githubgithub.com/ivanitlearning/CVE-2004-1561★ 7githubgithub.com/thel1nus/CVE-2004-1561-Notes★ 3githubgithub.com/darrynb89/CVE-2004-1561★ 1githubgithub.com/MonseigneurPatas/thm-ice-icecast-rce-privesc★ 0githubgithub.com/ratiros01/CVE-2004-1561★ 0githubgithub.com/Danyw24/CVE-2004-1561-Icecast-Header-Overwrite-buffer-overflow-RCE-2.0.1-Win32-★ 0exploitdbwww.exploit-db.com/exploits/16763unverifiedexploitdbwww.exploit-db.com/exploits/568unverifiedexploitdbwww.exploit-db.com/exploits/573unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://aluigi.altervista.org/adv/iceexec-adv.txthttp://marc.info/?l=bugtraq&m=109640005127644&w=2http://marc.info/?l=bugtraq&m=109674593230539&w=2http://secunia.com/advisories/12666/http://securitytracker.com/id?1011439https://exchange.xforce.ibmcloud.com/vulnerabilities/17538http://www.osvdb.org/10446http://www.securiteam.com/exploits/6X00315BFM.htmlhttp://www.securityfocus.com/bid/11271