Debian Security Advisory DSA 089-1 (icecast-server)

The remote host is missing an update to icecast-server announced via advisory DSA 089-1.
The icecast-server (a streaming music server) package as distributed in Debian GNU/Linux 2.2 has several security problems: * if a client added a / after the filename of a file to be downloaded the server would crash * by escaping dots as %2E it was possible to circumvent security measures and download arbitrary files * there were several buffer overflows that could be exploited to gain root access These have been fixed in version 1.3.10-1, and we strongly recommend that you upgrade your icecast-server package immediately.