{"id":"CVE-2014-9018","details":"Icecast before 2.4.1 transmits the output of the on-connect script, which might allow remote attackers to obtain sensitive information, related to shared file descriptors.","modified":"2026-04-16T06:18:48.656930119Z","published":"2014-12-03T18:59:08Z","related":["openSUSE-SU-2024:10067-1"],"references":[{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:231"},{"type":"EVIDENCE","url":"http://www.openwall.com/lists/oss-security/2014/11/19/23"},{"type":"EVIDENCE","url":"http://www.openwall.com/lists/oss-security/2014/11/20/22"},{"type":"EVIDENCE","url":"https://trac.xiph.org/ticket/2087"},{"type":"WEB","url":"http://icecast.org/news/icecast-release-2_4_1/"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2014-12/msg00038.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/71312"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/98991"},{"type":"WEB","url":"https://trac.xiph.org/ticket/2089"}],"schema_version":"1.7.5"}