Show filters
98 Total Results
Displaying 81-90 of 98
Sort by:
Attacker Value
Unknown

CVE-2004-0961

Disclosure Date: February 09, 2005 (last updated February 22, 2025)
Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes.
0
0
Attacker Value
Unknown

CVE-2005-0108

Disclosure Date: January 11, 2005 (last updated February 22, 2025)
Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument.
0
0
Attacker Value
Unknown

CVE-2004-0987

Disclosure Date: January 10, 2005 (last updated February 22, 2025)
Buffer overflow in the process_menu function in yardradius 1.0.20 allows remote attackers to execute arbitrary code.
0
0
Attacker Value
Unknown

CVE-2004-0849

Disclosure Date: December 23, 2004 (last updated February 22, 2025)
Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.
0
0
Attacker Value
Unknown

CVE-2004-0576

Disclosure Date: December 06, 2004 (last updated February 22, 2025)
The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing an invalid OID.
0
0
Attacker Value
Unknown

CVE-2004-0938

Disclosure Date: November 03, 2004 (last updated February 22, 2025)
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet.
0
0
Attacker Value
Unknown

CVE-2004-0131

Disclosure Date: March 03, 2004 (last updated February 22, 2025)
The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference.
0
0
Attacker Value
Unknown

CVE-2003-0967

Disclosure Date: December 15, 2003 (last updated February 22, 2025)
rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute.
0
0
Attacker Value
Unknown

CVE-2003-0450

Disclosure Date: August 07, 2003 (last updated February 22, 2025)
Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an NAS-Port attribute, which is interpreted as a negative number and causes a buffer overflow.
0
0
Attacker Value
Unknown

CVE-2002-0318

Disclosure Date: June 25, 2002 (last updated February 22, 2025)
FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets.
0
0
View More Topics  < Previous  Next >