Plaintext Password Exposure in Nullsoft SHOUTcast Server
CVE-1999-1561

Currently unrated

Key Information:

Vendor: Nullsoft
Status: Shoutcast Server
Vendor: CVE Published:; 20 August 1999

What is CVE-1999-1561?

The Nullsoft SHOUTcast Server is vulnerable as it stores the administrative password in plaintext within the configuration file (sc_serv.conf). This vulnerability poses significant risks as it can permit local users to obtain these credentials, potentially leading to unauthorized administrative access. Ensuring secure password management and mitigating access to sensitive configuration files is crucial to protect against exploitation.

References

http://www.securityfocus.com/archive/1/24852

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Aug 20, 1999