| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.0 | $0-$5k | 0.00 |
Summary
A vulnerability was found in NullSoft SHOUTcast Server 1.9.4. It has been rated as critical. This impacts an unknown function. This manipulation causes denial of service. This vulnerability appears as CVE-2004-1373. In addition, an exploit is available. Upgrading the affected component is advised.
Details
A vulnerability has been found in NullSoft SHOUTcast Server 1.9.4 and classified as critical. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:
Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.
The bug was discovered 12/23/2004. The weakness was presented 12/23/2004 by Tomasz Trojanowski and Damian Put (Website). It is possible to read the advisory at archives.neohapsis.com. This vulnerability is known as CVE-2004-1373 since 01/07/2005. The exploitation appears to be easy. The attack can be launched remotely. The exploitation doesn't need any form of authentication. Technical details are unknown but a public exploit is available.
After immediately, there has been an exploit disclosed. It is possible to download the exploit at saintcorporation.com. It is declared as highly functional. The vulnerability scanner Nessus provides a plugin with the ID 16064 (SHOUTcast Server Filename Handling Format String), which helps to determine the existence of the flaw in a target environment. It is assigned to the family CGI abuses and running in the context r. The commercial vulnerability scanner Qualys is able to test this issue with plugin 38402 (Nullsoft SHOUTcast File Request Format String Vulnerability).
Upgrading eliminates this vulnerability. Attack attempts may be identified with Snort ID 4131. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 3230.
The vulnerability is also documented in the databases at X-Force (18669), Exploit-DB (712), Tenable (16064), SecurityFocus (BID 12096†) and OSVDB (12585†). Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Product
Vendor
Name
Version
License
Support
Website
- Vendor: http://www.nullsoft.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.3VulDB Meta Temp Score: 7.0
VulDB Base Score: 7.3
VulDB Temp Score: 7.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Denial of serviceCWE: CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Highly functional
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 16064
Nessus Name: SHOUTcast Server Filename Handling Format String
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 54790
OpenVAS Name: Gentoo Security Advisory GLSA 200501-04 (Shoutcast-server-bin)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Saint ID: exploit_info/shoutcast_filename_format_string
Saint Name: SHOUTcast filename format string vulnerability
Qualys ID: 🔍
Qualys Name: 🔍
MetaSploit ID: shoutcast_format.rb
MetaSploit Name: SHOUTcast DNAS/win32 1.9.4 File Request Format String Overflow
MetaSploit File: 🔍
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Exploit Delay Time: 🔍
Snort ID: 4131
TippingPoint: 🔍
McAfee IPS: 🔍
McAfee IPS Version: 🔍
SourceFire IPS: 🔍
ISS Proventia IPS: 🔍
PaloAlto IPS: 🔍
Timeline
12/23/2004 🔍12/23/2004 🔍
12/23/2004 🔍
12/23/2004 🔍
12/23/2004 🔍
12/23/2004 🔍
12/24/2004 🔍
12/26/2004 🔍
12/26/2004 🔍
12/28/2004 🔍
01/03/2005 🔍
01/07/2005 🔍
02/27/2015 🔍
07/06/2025 🔍
Sources
Vendor: nullsoft.comAdvisory: archives.neohapsis.com
Researcher: Tomasz Trojanowski, Damian Put
Status: Confirmed
CVE: CVE-2004-1373 (🔍)
GCVE (CVE): GCVE-0-2004-1373
GCVE (VulDB): GCVE-100-22603
X-Force: 18669
SecurityFocus: 12096 - Nullsoft SHOUTcast File Request Format String Vulnerability
Secunia: 13661 - SHOUTcast Filename Format String Vulnerability, Highly Critical
OSVDB: 12585 - SHOUTcast Filename Remote Format String
SecurityTracker: 1012675
Vulnerability Center: 6733 - NullSoft SHOUTcast Server 1.9.4 Format String Attack Enables Code Execution, High
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 02/27/2015 23:39Updated: 07/06/2025 18:54
Changes: 02/27/2015 23:39 (96), 06/04/2019 16:28 (2), 12/31/2024 21:57 (18), 07/06/2025 18:54 (2)
Complete: 🔍
Cache ID: 216:599:103
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.