CVE-2014-9091

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2014-9091

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2014-9091.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2014-9091

Downstream

DEBIAN-CVE-2014-9091

UBUNTU-CVE-2014-9091

Published

2014-12-10T15:59:19Z

Modified

2025-08-09T20:01:26Z

Summary

[none]

Details

Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.

References

http://icecast.org/news/icecast-release-2_4_0/
https://trac.xiph.org/changeset/19137/
https://bugzilla.redhat.com/show_bug.cgi?id=1168146
http://lists.opensuse.org/opensuse-updates/2014-12/msg00037.html
http://seclists.org/oss-sec/2014/q4/794
http://seclists.org/oss-sec/2014/q4/802

CVE-2014-9091

Affected packages