Candidate: CVE-2014-9018
PublicDate: 2014-12-03 18:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9018
 https://trac.xiph.org/ticket/2089
Description:
 Icecast before 2.4.1 transmits the output of the on-connect script, which
 might allow remote attackers to obtain sensitive information, related to
 shared file descriptors.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770222
 https://bugs.launchpad.net/ubuntu/+source/icecast2/+bug/1449771
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_icecast2:
upstream_icecast2: released (2.4.0-1.1)
lucid_icecast2: ignored (reached end-of-life)
precise_icecast2: ignored (reached end-of-life)
precise/esm_icecast2: DNE (precise was needed)
trusty_icecast2: released (2.3.3-2ubuntu1.14.04.1)
trusty/esm_icecast2: DNE (trusty was released [2.3.3-2ubuntu1.14.04.1])
utopic_icecast2: released (2.3.3-2ubuntu1.14.10.1)
vivid_icecast2: not-affected (2.4.0-1.1)
vivid/stable-phone-overlay_icecast2: DNE
vivid/ubuntu-core_icecast2: DNE
wily_icecast2: not-affected (2.4.0-1.1)
xenial_icecast2: not-affected (2.4.0-1.1)
yakkety_icecast2: not-affected (2.4.0-1.1)
zesty_icecast2: not-affected (2.4.0-1.1)
devel_icecast2: not-affected (2.4.0-1.1)