- EPSS 22.64%
- Veröffentlicht 28.11.2006 02:07:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors.
- EPSS 0.74%
- Veröffentlicht 23.12.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain S...
- EPSS 0.74%
- Veröffentlicht 06.12.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing an invalid OID.
- EPSS 4.34%
- Veröffentlicht 03.03.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, w...
CVE-2001-1376
- EPSS 29.86%
- Veröffentlicht 04.03.2002 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.
- EPSS 10.28%
- Veröffentlicht 04.03.2002 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.