All the vulnerabilities related to freeradius - freeradius
cve-2005-1455
Vulnerability from cvelistv5
Published
2005-05-19 04:00
Modified
2024-08-07 21:51
Severity ?
Summary
Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash).
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:51:50.027Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SR:2005:014",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_14_sr.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9579",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9579"
          },
          {
            "name": "1013909",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/alerts/2005/May/1013909.html"
          },
          {
            "name": "20050520 ERRATA: [ GLSA 200505-13 ] FreeRADIUS: SQL injection and Denial of Service vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.freeradius.org/security.html"
          },
          {
            "name": "GLSA-200505-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml"
          },
          {
            "name": "RHSA-2005:524",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-524.html"
          },
          {
            "name": "13541",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13541"
          },
          {
            "name": "freeradius-sqlescapefunc-bo(20450)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20450"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SR:2005:014",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_14_sr.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9579",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9579"
        },
        {
          "name": "1013909",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/alerts/2005/May/1013909.html"
        },
        {
          "name": "20050520 ERRATA: [ GLSA 200505-13 ] FreeRADIUS: SQL injection and Denial of Service vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.freeradius.org/security.html"
        },
        {
          "name": "GLSA-200505-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml"
        },
        {
          "name": "RHSA-2005:524",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-524.html"
        },
        {
          "name": "13541",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13541"
        },
        {
          "name": "freeradius-sqlescapefunc-bo(20450)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20450"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-1455",
    "datePublished": "2005-05-19T04:00:00",
    "dateReserved": "2005-05-05T00:00:00",
    "dateUpdated": "2024-08-07T21:51:50.027Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-10143
Vulnerability from cvelistv5
Published
2019-05-24 00:00
Modified
2024-08-04 22:10
Summary
It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. NOTE: the upstream software maintainer has stated "there is simply no way for anyone to gain privileges through this alleged issue."
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "freeradius",
            "vendor": "freeradius",
            "versions": [
              {
                "lessThanOrEqual": "3.0.19",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fedora",
            "vendor": "fedoraproject",
            "versions": [
              {
                "status": "affected",
                "version": "30"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fedora",
            "vendor": "fedoraproject",
            "versions": [
              {
                "status": "affected",
                "version": "29"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "enterprise_linux",
            "vendor": "redhat",
            "versions": [
              {
                "status": "affected",
                "version": "8.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-10143",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-01T19:23:06.388705Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:24:21.005Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:10:10.031Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2019-4a8eeaf80e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKODLHHUOVAYENTBP4D3N25ST3Q6LJBP/"
          },
          {
            "name": "FEDORA-2019-9454ce61b2",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6VKBZAZKJP5QKXDXRKCM2ZPZND3TFAX/"
          },
          {
            "name": "RHSA-2019:3353",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3353"
          },
          {
            "name": "20191115 [AIT-SA-20191112-01] CVE-2019-10143: Privilege Escalation via Logrotate in FreeRadius",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Nov/14"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://freeradius.org/security/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/155361/FreeRadius-3.0.19-Logrotate-Privilege-Escalation.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10143"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/FreeRADIUS/freeradius-server/pull/2666"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "freeradius",
          "vendor": "freeradius",
          "versions": [
            {
              "status": "affected",
              "version": "affects \u003c= 3.0.19"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. NOTE: the upstream software maintainer has stated \"there is simply no way for anyone to gain privileges through this alleged issue.\""
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-266",
              "description": "CWE-266",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-12T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2019-4a8eeaf80e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKODLHHUOVAYENTBP4D3N25ST3Q6LJBP/"
        },
        {
          "name": "FEDORA-2019-9454ce61b2",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6VKBZAZKJP5QKXDXRKCM2ZPZND3TFAX/"
        },
        {
          "name": "RHSA-2019:3353",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3353"
        },
        {
          "name": "20191115 [AIT-SA-20191112-01] CVE-2019-10143: Privilege Escalation via Logrotate in FreeRadius",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Nov/14"
        },
        {
          "url": "https://freeradius.org/security/"
        },
        {
          "url": "http://packetstormsecurity.com/files/155361/FreeRadius-3.0.19-Logrotate-Privilege-Escalation.html"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10143"
        },
        {
          "url": "https://github.com/FreeRADIUS/freeradius-server/pull/2666"
        }
      ],
      "tags": [
        "disputed"
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2019-10143",
    "datePublished": "2019-05-24T00:00:00",
    "dateReserved": "2019-03-27T00:00:00",
    "dateUpdated": "2024-08-04T22:10:10.031Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-11234
Vulnerability from cvelistv5
Published
2019-04-21 16:36
Modified
2024-08-04 22:48
Severity ?
Summary
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:48:08.954Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://papers.mathyvanhoef.com/dragonblood.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/871675/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://freeradius.org/security/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695783"
          },
          {
            "name": "USN-3954-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3954-1/"
          },
          {
            "name": "openSUSE-SU-2019:1346",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html"
          },
          {
            "name": "RHSA-2019:1131",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1131"
          },
          {
            "name": "RHSA-2019:1142",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1142"
          },
          {
            "name": "openSUSE-SU-2019:1394",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html"
          },
          {
            "name": "openSUSE-SU-2020:0542",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a \"Dragonblood\" issue, a similar issue to CVE-2019-9497."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-23T15:06:23",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://papers.mathyvanhoef.com/dragonblood.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.kb.cert.org/vuls/id/871675/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://freeradius.org/security/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695783"
        },
        {
          "name": "USN-3954-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3954-1/"
        },
        {
          "name": "openSUSE-SU-2019:1346",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html"
        },
        {
          "name": "RHSA-2019:1131",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1131"
        },
        {
          "name": "RHSA-2019:1142",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1142"
        },
        {
          "name": "openSUSE-SU-2019:1394",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html"
        },
        {
          "name": "openSUSE-SU-2020:0542",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11234",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a \"Dragonblood\" issue, a similar issue to CVE-2019-9497."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19",
              "refsource": "MISC",
              "url": "https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19"
            },
            {
              "name": "https://papers.mathyvanhoef.com/dragonblood.pdf",
              "refsource": "MISC",
              "url": "https://papers.mathyvanhoef.com/dragonblood.pdf"
            },
            {
              "name": "https://www.kb.cert.org/vuls/id/871675/",
              "refsource": "MISC",
              "url": "https://www.kb.cert.org/vuls/id/871675/"
            },
            {
              "name": "https://freeradius.org/security/",
              "refsource": "MISC",
              "url": "https://freeradius.org/security/"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1695783",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695783"
            },
            {
              "name": "USN-3954-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3954-1/"
            },
            {
              "name": "openSUSE-SU-2019:1346",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html"
            },
            {
              "name": "RHSA-2019:1131",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1131"
            },
            {
              "name": "RHSA-2019:1142",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1142"
            },
            {
              "name": "openSUSE-SU-2019:1394",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html"
            },
            {
              "name": "openSUSE-SU-2020:0542",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11234",
    "datePublished": "2019-04-21T16:36:48",
    "dateReserved": "2019-04-15T00:00:00",
    "dateUpdated": "2024-08-04T22:48:08.954Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4745
Vulnerability from cvelistv5
Published
2006-03-28 11:00
Modified
2024-08-07 23:53
Severity ?
Summary
SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
References
http://www.mandriva.com/security/advisories?name=MDKSA-2007:092 — vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2006/dsa-1145 — vendor-advisory, x_refsource_DEBIAN
http://www.freeradius.org/security.html — x_refsource_CONFIRM
http://www.securityfocus.com/bid/17294 — vdb-entry, x_refsource_BID
http://www.osvdb.org/19323 — vdb-entry, x_refsource_OSVDB
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:53:28.960Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDKSA-2007:092",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:092"
          },
          {
            "name": "DSA-1145",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1145"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.freeradius.org/security.html"
          },
          {
            "name": "17294",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17294"
          },
          {
            "name": "19323",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/19323"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-04-04T09:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "MDKSA-2007:092",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:092"
        },
        {
          "name": "DSA-1145",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1145"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.freeradius.org/security.html"
        },
        {
          "name": "17294",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17294"
        },
        {
          "name": "19323",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/19323"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-4745",
    "datePublished": "2006-03-28T11:00:00",
    "dateReserved": "2006-03-28T00:00:00",
    "dateUpdated": "2024-08-07T23:53:28.960Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-2028
Vulnerability from cvelistv5
Published
2007-04-13 18:00
Modified
2024-08-07 13:23
Severity ?
Summary
Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures.
References
http://www.trustix.org/errata/2007/0013/ — vendor-advisory, x_refsource_TRUSTIX
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11156 — vdb-entry, signature, x_refsource_OVAL
http://www.mandriva.com/security/advisories?name=MDKSA-2007:085 — vendor-advisory, x_refsource_MANDRIVA
http://security.gentoo.org/glsa/glsa-200704-14.xml — vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/24996 — third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/1369 — vdb-entry, x_refsource_VUPEN
http://rhn.redhat.com/errata/RHSA-2007-0338.html — vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/24849 — third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/23466 — vdb-entry, x_refsource_BID
http://secunia.com/advisories/24917 — third-party-advisory, x_refsource_SECUNIA
http://www.freeradius.org/security.html — x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2007_10_sr.html — vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/25201 — third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24907 — third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25220 — third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1018042 — vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:23:50.303Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "2007-0013",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2007/0013/"
          },
          {
            "name": "oval:org.mitre.oval:def:11156",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11156"
          },
          {
            "name": "MDKSA-2007:085",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:085"
          },
          {
            "name": "GLSA-200704-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200704-14.xml"
          },
          {
            "name": "24996",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24996"
          },
          {
            "name": "ADV-2007-1369",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1369"
          },
          {
            "name": "RHSA-2007:0338",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0338.html"
          },
          {
            "name": "24849",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24849"
          },
          {
            "name": "23466",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23466"
          },
          {
            "name": "24917",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24917"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.freeradius.org/security.html"
          },
          {
            "name": "SUSE-SR:2007:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
          },
          {
            "name": "25201",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25201"
          },
          {
            "name": "24907",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24907"
          },
          {
            "name": "25220",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25220"
          },
          {
            "name": "1018042",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018042"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "2007-0013",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2007/0013/"
        },
        {
          "name": "oval:org.mitre.oval:def:11156",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11156"
        },
        {
          "name": "MDKSA-2007:085",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:085"
        },
        {
          "name": "GLSA-200704-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200704-14.xml"
        },
        {
          "name": "24996",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24996"
        },
        {
          "name": "ADV-2007-1369",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1369"
        },
        {
          "name": "RHSA-2007:0338",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0338.html"
        },
        {
          "name": "24849",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24849"
        },
        {
          "name": "23466",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23466"
        },
        {
          "name": "24917",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24917"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.freeradius.org/security.html"
        },
        {
          "name": "SUSE-SR:2007:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
        },
        {
          "name": "25201",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25201"
        },
        {
          "name": "24907",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24907"
        },
        {
          "name": "25220",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25220"
        },
        {
          "name": "1018042",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018042"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-2028",
    "datePublished": "2007-04-13T18:00:00",
    "dateReserved": "2007-04-13T00:00:00",
    "dateUpdated": "2024-08-07T13:23:50.303Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-10980
Vulnerability from cvelistv5
Published
2017-07-17 16:00
Modified
2024-08-05 17:57
Severity ?
Summary
An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service.
References
http://www.securitytracker.com/id/1038914 - vdb-entry, x_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2017:1759 - vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2017/dsa-3930 - vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/99905 - vdb-entry, x_refsource_BID
http://freeradius.org/security/fuzzer-2017.html - x_refsource_CONFIRM
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:57.359Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038914",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038914"
          },
          {
            "name": "RHSA-2017:1759",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1759"
          },
          {
            "name": "DSA-3930",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3930"
          },
          {
            "name": "99905",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99905"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security/fuzzer-2017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows \"DHCP - Memory leak in decode_tlv()\" and a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1038914",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038914"
        },
        {
          "name": "RHSA-2017:1759",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1759"
        },
        {
          "name": "DSA-3930",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3930"
        },
        {
          "name": "99905",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99905"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security/fuzzer-2017.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-10980",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows \"DHCP - Memory leak in decode_tlv()\" and a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1038914",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038914"
            },
            {
              "name": "RHSA-2017:1759",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1759"
            },
            {
              "name": "DSA-3930",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3930"
            },
            {
              "name": "99905",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99905"
            },
            {
              "name": "http://freeradius.org/security/fuzzer-2017.html",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security/fuzzer-2017.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-10980",
    "datePublished": "2017-07-17T16:00:00",
    "dateReserved": "2017-07-06T00:00:00",
    "dateUpdated": "2024-08-05T17:57:57.359Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-11235
Vulnerability from cvelistv5
Published
2019-04-21 16:40
Modified
2024-08-04 22:48
Severity ?
Summary
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:48:08.973Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://papers.mathyvanhoef.com/dragonblood.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/871675/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://freeradius.org/security/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695748"
          },
          {
            "name": "USN-3954-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3954-1/"
          },
          {
            "name": "openSUSE-SU-2019:1346",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html"
          },
          {
            "name": "RHSA-2019:1131",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1131"
          },
          {
            "name": "RHSA-2019:1142",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1142"
          },
          {
            "name": "openSUSE-SU-2019:1394",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html"
          },
          {
            "name": "openSUSE-SU-2020:0542",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRADIUS before 3.0.19 mishandles the \"each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used\" protection mechanism, aka a \"Dragonblood\" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-23T15:06:24",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://papers.mathyvanhoef.com/dragonblood.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.kb.cert.org/vuls/id/871675/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://freeradius.org/security/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695748"
        },
        {
          "name": "USN-3954-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3954-1/"
        },
        {
          "name": "openSUSE-SU-2019:1346",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html"
        },
        {
          "name": "RHSA-2019:1131",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1131"
        },
        {
          "name": "RHSA-2019:1142",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1142"
        },
        {
          "name": "openSUSE-SU-2019:1394",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html"
        },
        {
          "name": "openSUSE-SU-2020:0542",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11235",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "FreeRADIUS before 3.0.19 mishandles the \"each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used\" protection mechanism, aka a \"Dragonblood\" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19",
              "refsource": "MISC",
              "url": "https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19"
            },
            {
              "name": "https://papers.mathyvanhoef.com/dragonblood.pdf",
              "refsource": "MISC",
              "url": "https://papers.mathyvanhoef.com/dragonblood.pdf"
            },
            {
              "name": "https://www.kb.cert.org/vuls/id/871675/",
              "refsource": "MISC",
              "url": "https://www.kb.cert.org/vuls/id/871675/"
            },
            {
              "name": "https://freeradius.org/security/",
              "refsource": "MISC",
              "url": "https://freeradius.org/security/"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1695748",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695748"
            },
            {
              "name": "USN-3954-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3954-1/"
            },
            {
              "name": "openSUSE-SU-2019:1346",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html"
            },
            {
              "name": "RHSA-2019:1131",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1131"
            },
            {
              "name": "RHSA-2019:1142",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1142"
            },
            {
              "name": "openSUSE-SU-2019:1394",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html"
            },
            {
              "name": "openSUSE-SU-2020:0542",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11235",
    "datePublished": "2019-04-21T16:40:32",
    "dateReserved": "2019-04-15T00:00:00",
    "dateUpdated": "2024-08-04T22:48:08.973Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4746
Vulnerability from cvelistv5
Published
2006-03-28 11:00
Modified
2024-08-07 23:53
Severity ?
Summary
Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors "while expanding %t".
References
http://www.securityfocus.com/bid/17293 - vdb-entry, x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDKSA-2007:092 - vendor-advisory, x_refsource_MANDRIVA
http://www.osvdb.org/19325 - vdb-entry, x_refsource_OSVDB
http://www.osvdb.org/19324 - vdb-entry, x_refsource_OSVDB
http://www.debian.org/security/2006/dsa-1145 - vendor-advisory, x_refsource_DEBIAN
http://www.freeradius.org/security.html - x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2006:066 - vendor-advisory, x_refsource_MANDRIVA
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:53:29.012Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "17293",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17293"
          },
          {
            "name": "MDKSA-2007:092",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:092"
          },
          {
            "name": "19325",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/19325"
          },
          {
            "name": "19324",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/19324"
          },
          {
            "name": "DSA-1145",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1145"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.freeradius.org/security.html"
          },
          {
            "name": "MDKSA-2006:066",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:066"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors \"while expanding %t\"."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-04-04T09:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "17293",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17293"
        },
        {
          "name": "MDKSA-2007:092",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:092"
        },
        {
          "name": "19325",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/19325"
        },
        {
          "name": "19324",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/19324"
        },
        {
          "name": "DSA-1145",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1145"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.freeradius.org/security.html"
        },
        {
          "name": "MDKSA-2006:066",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:066"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-4746",
    "datePublished": "2006-03-28T11:00:00",
    "dateReserved": "2006-03-28T00:00:00",
    "dateUpdated": "2024-08-07T23:53:29.012Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-3547
Vulnerability from cvelistv5
Published
2012-09-18 17:00
Modified
2024-08-06 20:13
Severity ?
Summary
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not after" timestamp in a client certificate.
References
http://secunia.com/advisories/50584 - third-party-advisory, x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html - vendor-advisory, x_refsource_APPLE
http://secunia.com/advisories/50637 - third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-1585-1 - vendor-advisory, x_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2012-1327.html - vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/50484 - third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2012/dsa-2546 - vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/55483 - vdb-entry, x_refsource_BID
http://www.securitytracker.com/id?1027509 - vdb-entry, x_refsource_SECTRACK
http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt - x_refsource_MISC
http://archives.neohapsis.com/archives/bugtraq/2012-09/0043.html - mailing-list, x_refsource_BUGTRAQ
http://www.openwall.com/lists/oss-security/2012/09/10/2 - mailing-list, x_refsource_MLIST
http://www.mandriva.com/security/advisories?name=MDVSA-2012:159 - vendor-advisory, x_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00023.html - vendor-advisory, x_refsource_SUSE
https://exchange.xforce.ibmcloud.com/vulnerabilities/78408 - vdb-entry, x_refsource_XF
http://rhn.redhat.com/errata/RHSA-2012-1326.html - vendor-advisory, x_refsource_REDHAT
http://osvdb.org/85325 - vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/50770 - third-party-advisory, x_refsource_SECUNIA
http://freeradius.org/security.html - x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090171.html - vendor-advisory, x_refsource_FEDORA
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:13:49.904Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "50584",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50584"
          },
          {
            "name": "APPLE-SA-2013-10-22-5",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html"
          },
          {
            "name": "50637",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50637"
          },
          {
            "name": "USN-1585-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1585-1"
          },
          {
            "name": "RHSA-2012:1327",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1327.html"
          },
          {
            "name": "50484",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50484"
          },
          {
            "name": "DSA-2546",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2546"
          },
          {
            "name": "55483",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55483"
          },
          {
            "name": "1027509",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027509"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt"
          },
          {
            "name": "20120910 [PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0043.html"
          },
          {
            "name": "[oss-security] 20120910 [PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/09/10/2"
          },
          {
            "name": "MDVSA-2012:159",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:159"
          },
          {
            "name": "openSUSE-SU-2012:1200",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00023.html"
          },
          {
            "name": "freeradius-cbtlsverify-bo(78408)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78408"
          },
          {
            "name": "RHSA-2012:1326",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1326.html"
          },
          {
            "name": "85325",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/85325"
          },
          {
            "name": "50770",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50770"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security.html"
          },
          {
            "name": "FEDORA-2012-15743",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090171.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long \"not after\" timestamp in a client certificate."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "50584",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50584"
        },
        {
          "name": "APPLE-SA-2013-10-22-5",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html"
        },
        {
          "name": "50637",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50637"
        },
        {
          "name": "USN-1585-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1585-1"
        },
        {
          "name": "RHSA-2012:1327",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1327.html"
        },
        {
          "name": "50484",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50484"
        },
        {
          "name": "DSA-2546",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2546"
        },
        {
          "name": "55483",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55483"
        },
        {
          "name": "1027509",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027509"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt"
        },
        {
          "name": "20120910 [PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0043.html"
        },
        {
          "name": "[oss-security] 20120910 [PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/09/10/2"
        },
        {
          "name": "MDVSA-2012:159",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:159"
        },
        {
          "name": "openSUSE-SU-2012:1200",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00023.html"
        },
        {
          "name": "freeradius-cbtlsverify-bo(78408)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78408"
        },
        {
          "name": "RHSA-2012:1326",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1326.html"
        },
        {
          "name": "85325",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/85325"
        },
        {
          "name": "50770",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50770"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security.html"
        },
        {
          "name": "FEDORA-2012-15743",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090171.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-3547",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long \"not after\" timestamp in a client certificate."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "50584",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/50584"
            },
            {
              "name": "APPLE-SA-2013-10-22-5",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html"
            },
            {
              "name": "50637",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/50637"
            },
            {
              "name": "USN-1585-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1585-1"
            },
            {
              "name": "RHSA-2012:1327",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1327.html"
            },
            {
              "name": "50484",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/50484"
            },
            {
              "name": "DSA-2546",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2546"
            },
            {
              "name": "55483",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/55483"
            },
            {
              "name": "1027509",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027509"
            },
            {
              "name": "http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt",
              "refsource": "MISC",
              "url": "http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt"
            },
            {
              "name": "20120910 [PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0043.html"
            },
            {
              "name": "[oss-security] 20120910 [PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2012/09/10/2"
            },
            {
              "name": "MDVSA-2012:159",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:159"
            },
            {
              "name": "openSUSE-SU-2012:1200",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00023.html"
            },
            {
              "name": "freeradius-cbtlsverify-bo(78408)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78408"
            },
            {
              "name": "RHSA-2012:1326",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1326.html"
            },
            {
              "name": "85325",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/85325"
            },
            {
              "name": "50770",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/50770"
            },
            {
              "name": "http://freeradius.org/security.html",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security.html"
            },
            {
              "name": "FEDORA-2012-15743",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090171.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-3547",
    "datePublished": "2012-09-18T17:00:00",
    "dateReserved": "2012-06-14T00:00:00",
    "dateUpdated": "2024-08-06T20:13:49.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-10983
Vulnerability from cvelistv5
Published
2017-07-17 16:00
Modified
2024-08-05 17:57
Severity ?
Summary
An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service.
References
http://www.securitytracker.com/id/1038914 - vdb-entry, x_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2017:1759 - vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2017/dsa-3930 - vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/99915 - vdb-entry, x_refsource_BID
https://access.redhat.com/errata/RHSA-2017:2389 - vendor-advisory, x_refsource_REDHAT
http://freeradius.org/security/fuzzer-2017.html - x_refsource_CONFIRM
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:57.885Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038914",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038914"
          },
          {
            "name": "RHSA-2017:1759",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1759"
          },
          {
            "name": "DSA-3930",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3930"
          },
          {
            "name": "99915",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99915"
          },
          {
            "name": "RHSA-2017:2389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2389"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security/fuzzer-2017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows \"DHCP - Read overflow when decoding option 63\" and a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1038914",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038914"
        },
        {
          "name": "RHSA-2017:1759",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1759"
        },
        {
          "name": "DSA-3930",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3930"
        },
        {
          "name": "99915",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99915"
        },
        {
          "name": "RHSA-2017:2389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2389"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security/fuzzer-2017.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-10983",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows \"DHCP - Read overflow when decoding option 63\" and a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1038914",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038914"
            },
            {
              "name": "RHSA-2017:1759",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1759"
            },
            {
              "name": "DSA-3930",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3930"
            },
            {
              "name": "99915",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99915"
            },
            {
              "name": "RHSA-2017:2389",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2389"
            },
            {
              "name": "http://freeradius.org/security/fuzzer-2017.html",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security/fuzzer-2017.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-10983",
    "datePublished": "2017-07-17T16:00:00",
    "dateReserved": "2017-07-06T00:00:00",
    "dateUpdated": "2024-08-05T17:57:57.885Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-2701
Vulnerability from cvelistv5
Published
2011-08-04 01:00
Modified
2024-08-06 23:08
Severity ?
Summary
The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when OCSP is enabled, does not properly parse replies from OCSP responders, which allows remote attackers to bypass authentication by using the EAP-TLS protocol with a revoked X.509 client certificate.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:08:23.745Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "48880",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48880"
          },
          {
            "name": "freeradius-certificate-security-bypass(68782)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68782"
          },
          {
            "name": "[oss-security] 20110715 CVE request: vulnerability in FreeRADIUS (OCSP)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/07/15/6"
          },
          {
            "name": "[oss-security] 20110718 Re: CVE request: vulnerability in FreeRADIUS (OCSP)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/07/18/2"
          },
          {
            "name": "45425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45425"
          },
          {
            "name": "20110725 [DSB-2011-01] Security Advisory FreeRADIUS 2.1.11",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/518974/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.dfn-cert.de/informationen/Sicherheitsbulletins/dsb-2011-01.html"
          },
          {
            "name": "8325",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8325"
          },
          {
            "name": "1025833",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025833"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=724815"
          },
          {
            "name": "[oss-security] 20110720 Re: CVE request: vulnerability in FreeRADIUS (OCSP)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/07/20/9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when OCSP is enabled, does not properly parse replies from OCSP responders, which allows remote attackers to bypass authentication by using the EAP-TLS protocol with a revoked X.509 client certificate."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "48880",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48880"
        },
        {
          "name": "freeradius-certificate-security-bypass(68782)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68782"
        },
        {
          "name": "[oss-security] 20110715 CVE request: vulnerability in FreeRADIUS (OCSP)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/07/15/6"
        },
        {
          "name": "[oss-security] 20110718 Re: CVE request: vulnerability in FreeRADIUS (OCSP)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/07/18/2"
        },
        {
          "name": "45425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45425"
        },
        {
          "name": "20110725 [DSB-2011-01] Security Advisory FreeRADIUS 2.1.11",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/518974/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.dfn-cert.de/informationen/Sicherheitsbulletins/dsb-2011-01.html"
        },
        {
          "name": "8325",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8325"
        },
        {
          "name": "1025833",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025833"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=724815"
        },
        {
          "name": "[oss-security] 20110720 Re: CVE request: vulnerability in FreeRADIUS (OCSP)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/07/20/9"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2011-2701",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when OCSP is enabled, does not properly parse replies from OCSP responders, which allows remote attackers to bypass authentication by using the EAP-TLS protocol with a revoked X.509 client certificate."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "48880",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48880"
            },
            {
              "name": "freeradius-certificate-security-bypass(68782)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68782"
            },
            {
              "name": "[oss-security] 20110715 CVE request: vulnerability in FreeRADIUS (OCSP)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2011/07/15/6"
            },
            {
              "name": "[oss-security] 20110718 Re: CVE request: vulnerability in FreeRADIUS (OCSP)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2011/07/18/2"
            },
            {
              "name": "45425",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/45425"
            },
            {
              "name": "20110725 [DSB-2011-01] Security Advisory FreeRADIUS 2.1.11",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/518974/100/0/threaded"
            },
            {
              "name": "https://www.dfn-cert.de/informationen/Sicherheitsbulletins/dsb-2011-01.html",
              "refsource": "MISC",
              "url": "https://www.dfn-cert.de/informationen/Sicherheitsbulletins/dsb-2011-01.html"
            },
            {
              "name": "8325",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8325"
            },
            {
              "name": "1025833",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1025833"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=724815",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=724815"
            },
            {
              "name": "[oss-security] 20110720 Re: CVE request: vulnerability in FreeRADIUS (OCSP)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2011/07/20/9"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2701",
    "datePublished": "2011-08-04T01:00:00",
    "dateReserved": "2011-07-11T00:00:00",
    "dateUpdated": "2024-08-06T23:08:23.745Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-2015
Vulnerability from cvelistv5
Published
2014-11-02 00:00
Modified
2024-08-06 09:58
Severity ?
Summary
Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password hash, as demonstrated by an SSHA hash.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:58:16.213Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[freebsd-bugbusters] 20140214 freeradius denial of service in authentication flow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000616.html"
          },
          {
            "name": "[oss-security] 20140216 Re: CVE request: freeradius denial of service in rlm_pap hash processing",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/02/18/3"
          },
          {
            "name": "RHSA-2015:1287",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1287.html"
          },
          {
            "name": "[freebsd-bugbusters] 20140213 freeradius denial of service in authentication flow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000612.html"
          },
          {
            "name": "USN-2122-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-2122-1"
          },
          {
            "name": "[freebsd-bugbusters] 20140212 freeradius denial of service in authentication flow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html"
          },
          {
            "name": "65581",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/65581"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066761"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-02-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password hash, as demonstrated by an SSHA hash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[freebsd-bugbusters] 20140214 freeradius denial of service in authentication flow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000616.html"
        },
        {
          "name": "[oss-security] 20140216 Re: CVE request: freeradius denial of service in rlm_pap hash processing",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/02/18/3"
        },
        {
          "name": "RHSA-2015:1287",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1287.html"
        },
        {
          "name": "[freebsd-bugbusters] 20140213 freeradius denial of service in authentication flow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000612.html"
        },
        {
          "name": "USN-2122-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-2122-1"
        },
        {
          "name": "[freebsd-bugbusters] 20140212 freeradius denial of service in authentication flow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html"
        },
        {
          "name": "65581",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/65581"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066761"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-2015",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password hash, as demonstrated by an SSHA hash."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[freebsd-bugbusters] 20140214 freeradius denial of service in authentication flow",
              "refsource": "MLIST",
              "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000616.html"
            },
            {
              "name": "[oss-security] 20140216 Re: CVE request: freeradius denial of service in rlm_pap hash processing",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/02/18/3"
            },
            {
              "name": "RHSA-2015:1287",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1287.html"
            },
            {
              "name": "[freebsd-bugbusters] 20140213 freeradius denial of service in authentication flow",
              "refsource": "MLIST",
              "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000612.html"
            },
            {
              "name": "USN-2122-1",
              "refsource": "UBUNTU",
              "url": "http://ubuntu.com/usn/usn-2122-1"
            },
            {
              "name": "[freebsd-bugbusters] 20140212 freeradius denial of service in authentication flow",
              "refsource": "MLIST",
              "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html"
            },
            {
              "name": "65581",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/65581"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1066761",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066761"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-2015",
    "datePublished": "2014-11-02T00:00:00",
    "dateReserved": "2014-02-17T00:00:00",
    "dateUpdated": "2024-08-06T09:58:16.213Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9148
Vulnerability from cvelistv5
Published
2017-05-29 17:00
Modified
2024-08-05 16:55
Severity ?
Summary
The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS.
References
http://freeradius.org/security.html (x_refsource_MISC)
http://seclists.org/oss-sec/2017/q2/422 (x_refsource_MISC)
https://access.redhat.com/errata/RHSA-2017:1581 (vendor-advisory, x_refsource_REDHAT)
http://www.securitytracker.com/id/1038576 (vdb-entry, x_refsource_SECTRACK)
http://www.securityfocus.com/bid/98734 (vdb-entry, x_refsource_BID)
https://security.gentoo.org/glsa/201706-27 (vendor-advisory, x_refsource_GENTOO)
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:55:22.379Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/oss-sec/2017/q2/422"
          },
          {
            "name": "RHSA-2017:1581",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1581"
          },
          {
            "name": "1038576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038576"
          },
          {
            "name": "98734",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98734"
          },
          {
            "name": "GLSA-201706-27",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201706-27"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-05-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://freeradius.org/security.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://seclists.org/oss-sec/2017/q2/422"
        },
        {
          "name": "RHSA-2017:1581",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1581"
        },
        {
          "name": "1038576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038576"
        },
        {
          "name": "98734",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98734"
        },
        {
          "name": "GLSA-201706-27",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201706-27"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9148",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://freeradius.org/security.html",
              "refsource": "MISC",
              "url": "http://freeradius.org/security.html"
            },
            {
              "name": "http://seclists.org/oss-sec/2017/q2/422",
              "refsource": "MISC",
              "url": "http://seclists.org/oss-sec/2017/q2/422"
            },
            {
              "name": "RHSA-2017:1581",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1581"
            },
            {
              "name": "1038576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038576"
            },
            {
              "name": "98734",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98734"
            },
            {
              "name": "GLSA-201706-27",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201706-27"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9148",
    "datePublished": "2017-05-29T17:00:00",
    "dateReserved": "2017-05-22T00:00:00",
    "dateUpdated": "2024-08-05T16:55:22.379Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-1454
Vulnerability from cvelistv5
Published
2005-05-19 04:00
Modified
2024-08-07 21:51
Severity ?
Summary
SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) group_membership_query, (2) simul_count_query, or (3) simul_verify_query configuration entries.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:51:50.278Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SR:2005:014",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_14_sr.html"
          },
          {
            "name": "13540",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13540"
          },
          {
            "name": "oval:org.mitre.oval:def:9610",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9610"
          },
          {
            "name": "1013909",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/alerts/2005/May/1013909.html"
          },
          {
            "name": "20050520 ERRATA: [ GLSA 200505-13 ] FreeRADIUS: SQL injection and Denial of Service vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.freeradius.org/security.html"
          },
          {
            "name": "GLSA-200505-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml"
          },
          {
            "name": "RHSA-2005:524",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-524.html"
          },
          {
            "name": "freeradius-xlat-sql-injection(20449)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20449"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) group_membership_query, (2) simul_count_query, or (3) simul_verify_query configuration entries."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SR:2005:014",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_14_sr.html"
        },
        {
          "name": "13540",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13540"
        },
        {
          "name": "oval:org.mitre.oval:def:9610",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9610"
        },
        {
          "name": "1013909",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/alerts/2005/May/1013909.html"
        },
        {
          "name": "20050520 ERRATA: [ GLSA 200505-13 ] FreeRADIUS: SQL injection and Denial of Service vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.freeradius.org/security.html"
        },
        {
          "name": "GLSA-200505-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml"
        },
        {
          "name": "RHSA-2005:524",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-524.html"
        },
        {
          "name": "freeradius-xlat-sql-injection(20449)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20449"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-1454",
    "datePublished": "2005-05-19T04:00:00",
    "dateReserved": "2005-05-05T00:00:00",
    "dateUpdated": "2024-08-07T21:51:50.278Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-41859
Vulnerability from cvelistv5
Published
2023-01-17 00:00
Modified
2024-08-03 12:56
Severity ?
Summary
In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:56:38.271Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://freeradius.org/security/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/FreeRADIUS/freeradius-server/commit/9e5e8f2f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "freeradius",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "unknown"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-17T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://freeradius.org/security/"
        },
        {
          "url": "https://github.com/FreeRADIUS/freeradius-server/commit/9e5e8f2f"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-41859",
    "datePublished": "2023-01-17T00:00:00",
    "dateReserved": "2022-09-30T00:00:00",
    "dateUpdated": "2024-08-03T12:56:38.271Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-41861
Vulnerability from cvelistv5
Published
2023-01-17 00:00
Modified
2024-08-03 12:56
Severity ?
Summary
A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:56:38.299Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://freeradius.org/security/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/FreeRADIUS/freeradius-server/commit/0ec2b39d260e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "freeradius",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "All versions from 0.0.1 to 3.0.25"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-17T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://freeradius.org/security/"
        },
        {
          "url": "https://github.com/FreeRADIUS/freeradius-server/commit/0ec2b39d260e"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-41861",
    "datePublished": "2023-01-17T00:00:00",
    "dateReserved": "2022-09-30T00:00:00",
    "dateUpdated": "2024-08-03T12:56:38.299Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-3111
Vulnerability from cvelistv5
Published
2009-09-09 18:00
Modified
2024-08-07 06:14
Severity ?
Summary
The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:14:56.206Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "36263",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36263"
          },
          {
            "name": "SUSE-SR:2009:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
          },
          {
            "name": "[freeradius-users] 20090909 Version 1.1.8 has been released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
          },
          {
            "name": "36509",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36509"
          },
          {
            "name": "oval:org.mitre.oval:def:9919",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://intevydis.com/vd-list.shtml"
          },
          {
            "name": "ADV-2009-3184",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3184"
          },
          {
            "name": "SUSE-SR:2009:016",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
          },
          {
            "name": "APPLE-SA-2009-11-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
          },
          {
            "name": "[oss-security] 20090909 CVE Request -- FreeRADIUS 1.1.8",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
          },
          {
            "name": "RHSA-2009:1451",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3937"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11.  NOTE: this is a regression error related to CVE-2003-0967."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "36263",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36263"
        },
        {
          "name": "SUSE-SR:2009:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
        },
        {
          "name": "[freeradius-users] 20090909 Version 1.1.8 has been released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
        },
        {
          "name": "36509",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36509"
        },
        {
          "name": "oval:org.mitre.oval:def:9919",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://intevydis.com/vd-list.shtml"
        },
        {
          "name": "ADV-2009-3184",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3184"
        },
        {
          "name": "SUSE-SR:2009:016",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
        },
        {
          "name": "APPLE-SA-2009-11-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
        },
        {
          "name": "[oss-security] 20090909 CVE Request -- FreeRADIUS 1.1.8",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
        },
        {
          "name": "RHSA-2009:1451",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3937"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3111",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11.  NOTE: this is a regression error related to CVE-2003-0967."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "36263",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36263"
            },
            {
              "name": "SUSE-SR:2009:018",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
            },
            {
              "name": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4",
              "refsource": "CONFIRM",
              "url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
            },
            {
              "name": "[freeradius-users] 20090909 Version 1.1.8 has been released",
              "refsource": "MLIST",
              "url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
            },
            {
              "name": "36509",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36509"
            },
            {
              "name": "oval:org.mitre.oval:def:9919",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
            },
            {
              "name": "http://intevydis.com/vd-list.shtml",
              "refsource": "MISC",
              "url": "http://intevydis.com/vd-list.shtml"
            },
            {
              "name": "ADV-2009-3184",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3184"
            },
            {
              "name": "SUSE-SR:2009:016",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
            },
            {
              "name": "APPLE-SA-2009-11-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
            },
            {
              "name": "[oss-security] 20090909 CVE Request -- FreeRADIUS 1.1.8",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
            },
            {
              "name": "RHSA-2009:1451",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
            },
            {
              "name": "http://support.apple.com/kb/HT3937",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3937"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3111",
    "datePublished": "2009-09-09T18:00:00",
    "dateReserved": "2009-09-09T00:00:00",
    "dateUpdated": "2024-08-07T06:14:56.206Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0961
Vulnerability from cvelistv5
Published
2004-10-20 04:00
Modified
2024-08-08 00:31
Severity ?
Summary
Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes.
References
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:48.195Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-200409-29",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:10024",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024"
          },
          {
            "name": "11222",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11222"
          },
          {
            "name": "freeradius-dos(17440)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
          },
          {
            "name": "VU#541574",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/541574"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-200409-29",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:10024",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024"
        },
        {
          "name": "11222",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11222"
        },
        {
          "name": "freeradius-dos(17440)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
        },
        {
          "name": "VU#541574",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/541574"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0961",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-200409-29",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:10024",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024"
            },
            {
              "name": "11222",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11222"
            },
            {
              "name": "freeradius-dos(17440)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
            },
            {
              "name": "VU#541574",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/541574"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0961",
    "datePublished": "2004-10-20T04:00:00",
    "dateReserved": "2004-10-18T00:00:00",
    "dateUpdated": "2024-08-08T00:31:48.195Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-10987
Vulnerability from cvelistv5
Published
2017-07-17 16:00
Modified
2024-08-05 17:57
Severity ?
Summary
An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service.
References
http://www.securityfocus.com/bid/99970 (vdb-entry, x_refsource_BID)
http://www.debian.org/security/2017/dsa-3930 (vendor-advisory, x_refsource_DEBIAN)
https://access.redhat.com/errata/RHSA-2017:2389 (vendor-advisory, x_refsource_REDHAT)
http://freeradius.org/security/fuzzer-2017.html (x_refsource_CONFIRM)
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:56.667Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99970",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99970"
          },
          {
            "name": "DSA-3930",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3930"
          },
          {
            "name": "RHSA-2017:2389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2389"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security/fuzzer-2017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows \"DHCP - Buffer over-read in fr_dhcp_decode_suboptions()\" and a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "99970",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99970"
        },
        {
          "name": "DSA-3930",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3930"
        },
        {
          "name": "RHSA-2017:2389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2389"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security/fuzzer-2017.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-10987",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows \"DHCP - Buffer over-read in fr_dhcp_decode_suboptions()\" and a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99970",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99970"
            },
            {
              "name": "DSA-3930",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3930"
            },
            {
              "name": "RHSA-2017:2389",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2389"
            },
            {
              "name": "http://freeradius.org/security/fuzzer-2017.html",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security/fuzzer-2017.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-10987",
    "datePublished": "2017-07-17T16:00:00",
    "dateReserved": "2017-07-06T00:00:00",
    "dateUpdated": "2024-08-05T17:57:56.667Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-10982
Vulnerability from cvelistv5
Published
2017-07-17 16:00
Modified
2024-08-05 17:57
Severity ?
Summary
An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service.
References
http://www.securitytracker.com/id/1038914 (vdb-entry, x_refsource_SECTRACK)
https://access.redhat.com/errata/RHSA-2017:1759 (vendor-advisory, x_refsource_REDHAT)
http://www.securityfocus.com/bid/99912 (vdb-entry, x_refsource_BID)
http://www.debian.org/security/2017/dsa-3930 (vendor-advisory, x_refsource_DEBIAN)
http://freeradius.org/security/fuzzer-2017.html (x_refsource_CONFIRM)
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:56.735Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038914",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038914"
          },
          {
            "name": "RHSA-2017:1759",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1759"
          },
          {
            "name": "99912",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99912"
          },
          {
            "name": "DSA-3930",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3930"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security/fuzzer-2017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows \"DHCP - Buffer over-read in fr_dhcp_decode_options()\" and a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1038914",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038914"
        },
        {
          "name": "RHSA-2017:1759",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1759"
        },
        {
          "name": "99912",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99912"
        },
        {
          "name": "DSA-3930",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3930"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security/fuzzer-2017.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-10982",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows \"DHCP - Buffer over-read in fr_dhcp_decode_options()\" and a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1038914",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038914"
            },
            {
              "name": "RHSA-2017:1759",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1759"
            },
            {
              "name": "99912",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99912"
            },
            {
              "name": "DSA-3930",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3930"
            },
            {
              "name": "http://freeradius.org/security/fuzzer-2017.html",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security/fuzzer-2017.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-10982",
    "datePublished": "2017-07-17T16:00:00",
    "dateReserved": "2017-07-06T00:00:00",
    "dateUpdated": "2024-08-05T17:57:56.735Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4744
Vulnerability from cvelistv5
Published
2006-03-28 11:00
Modified
2024-08-07 23:53
Severity ?
Summary
Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the external database query to fail. NOTE: this single issue is part of a larger-scale disclosure, originally by SUSE, which reported multiple issues that were disputed by FreeRADIUS. Disputed issues included file descriptor leaks, memory disclosure, LDAP injection, and other issues. Without additional information, the most recent FreeRADIUS report is being regarded as the authoritative source for this CVE identifier.
References
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:53:29.082Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20060404-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
          },
          {
            "name": "14775",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/14775"
          },
          {
            "name": "20461",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20461"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.freeradius.org/security/20050909-response-to-suse.txt"
          },
          {
            "name": "19811",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19811"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.freeradius.org/security/20050909-vendor-sec.txt"
          },
          {
            "name": "MDKSA-2006:066",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:066"
          },
          {
            "name": "oval:org.mitre.oval:def:10449",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10449"
          },
          {
            "name": "DSA-1089",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1089"
          },
          {
            "name": "19497",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19497"
          },
          {
            "name": "16712",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16712"
          },
          {
            "name": "RHSA-2006:0271",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0271.html"
          },
          {
            "name": "freeradius-token-sqlunixodbc-dos(22211)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22211"
          },
          {
            "name": "19518",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19518"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167676"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the external database query to fail.  NOTE: this single issue is part of a larger-scale disclosure, originally by SUSE, which reported multiple issues that were disputed by FreeRADIUS.  Disputed issues included file descriptor leaks, memory disclosure, LDAP injection, and other issues.  Without additional information, the most recent FreeRADIUS report is being regarded as the authoritative source for this CVE identifier."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "20060404-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
        },
        {
          "name": "14775",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/14775"
        },
        {
          "name": "20461",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20461"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.freeradius.org/security/20050909-response-to-suse.txt"
        },
        {
          "name": "19811",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19811"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.freeradius.org/security/20050909-vendor-sec.txt"
        },
        {
          "name": "MDKSA-2006:066",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:066"
        },
        {
          "name": "oval:org.mitre.oval:def:10449",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10449"
        },
        {
          "name": "DSA-1089",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1089"
        },
        {
          "name": "19497",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19497"
        },
        {
          "name": "16712",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16712"
        },
        {
          "name": "RHSA-2006:0271",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0271.html"
        },
        {
          "name": "freeradius-token-sqlunixodbc-dos(22211)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22211"
        },
        {
          "name": "19518",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19518"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167676"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-4744",
    "datePublished": "2006-03-28T11:00:00",
    "dateReserved": "2006-03-28T00:00:00",
    "dateUpdated": "2024-08-07T23:53:29.082Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8762
Vulnerability from cvelistv5
Published
2017-03-27 17:00
Modified
2024-08-06 08:29
Severity ?
Summary
The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet.
References
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:21.730Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security.html#eap-pwd-2015"
          },
          {
            "name": "[oss-security] 20160108 Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-04-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-27T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security.html#eap-pwd-2015"
        },
        {
          "name": "[oss-security] 20160108 Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8762",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://freeradius.org/security.html#eap-pwd-2015",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security.html#eap-pwd-2015"
            },
            {
              "name": "[oss-security] 20160108 Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8762",
    "datePublished": "2017-03-27T17:00:00",
    "dateReserved": "2016-01-08T00:00:00",
    "dateUpdated": "2024-08-06T08:29:21.730Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0938
Vulnerability from cvelistv5
Published
2004-10-16 04:00
Modified
2024-08-08 00:31
Severity ?
Summary
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:48.211Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:10837",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10837"
          },
          {
            "name": "oval:org.mitre.oval:def:1347",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1347"
          },
          {
            "name": "GLSA-200409-29",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
          },
          {
            "name": "10178",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/10178"
          },
          {
            "name": "11222",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11222"
          },
          {
            "name": "freeradius-dos(17440)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
          },
          {
            "name": "VU#541574",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/541574"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:10837",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10837"
        },
        {
          "name": "oval:org.mitre.oval:def:1347",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1347"
        },
        {
          "name": "GLSA-200409-29",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
        },
        {
          "name": "10178",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/10178"
        },
        {
          "name": "11222",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11222"
        },
        {
          "name": "freeradius-dos(17440)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
        },
        {
          "name": "VU#541574",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/541574"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0938",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:10837",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10837"
            },
            {
              "name": "oval:org.mitre.oval:def:1347",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1347"
            },
            {
              "name": "GLSA-200409-29",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
            },
            {
              "name": "10178",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/10178"
            },
            {
              "name": "11222",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11222"
            },
            {
              "name": "freeradius-dos(17440)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
            },
            {
              "name": "VU#541574",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/541574"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0938",
    "datePublished": "2004-10-16T04:00:00",
    "dateReserved": "2004-10-06T00:00:00",
    "dateUpdated": "2024-08-08T00:31:48.211Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-4680
Vulnerability from cvelistv5
Published
2017-04-05 17:00
Modified
2024-08-06 06:18
Severity ?
Summary
FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:18:12.227Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/132415/FreeRADIUS-Insufficient-CRL-Application.html"
          },
          {
            "name": "20150622 [oCERT-2015-008] FreeRADIUS insufficent CRL application",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/535810/100/0/threaded"
          },
          {
            "name": "75327",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75327"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1234975"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ocert.org/advisories/ocert-2015-008.html"
          },
          {
            "name": "1032690",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032690"
          },
          {
            "name": "SUSE-SU-2017:0102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00010.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-06-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/132415/FreeRADIUS-Insufficient-CRL-Application.html"
        },
        {
          "name": "20150622 [oCERT-2015-008] FreeRADIUS insufficent CRL application",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/535810/100/0/threaded"
        },
        {
          "name": "75327",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75327"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1234975"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ocert.org/advisories/ocert-2015-008.html"
        },
        {
          "name": "1032690",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032690"
        },
        {
          "name": "SUSE-SU-2017:0102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00010.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-4680",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/132415/FreeRADIUS-Insufficient-CRL-Application.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/132415/FreeRADIUS-Insufficient-CRL-Application.html"
            },
            {
              "name": "20150622 [oCERT-2015-008] FreeRADIUS insufficent CRL application",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/535810/100/0/threaded"
            },
            {
              "name": "75327",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/75327"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1234975",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1234975"
            },
            {
              "name": "http://www.ocert.org/advisories/ocert-2015-008.html",
              "refsource": "MISC",
              "url": "http://www.ocert.org/advisories/ocert-2015-008.html"
            },
            {
              "name": "1032690",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032690"
            },
            {
              "name": "SUSE-SU-2017:0102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00010.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-4680",
    "datePublished": "2017-04-05T17:00:00",
    "dateReserved": "2015-06-19T00:00:00",
    "dateUpdated": "2024-08-06T06:18:12.227Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-1354
Vulnerability from cvelistv5
Published
2006-03-22 02:00
Modified
2024-08-07 17:12
Severity ?
Summary
Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module.
References
http://www.gentoo.org/security/en/glsa/glsa-200604-03.xml - vendor-advisory, x_refsource_GENTOO
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc - vendor-advisory, x_refsource_SGI
https://exchange.xforce.ibmcloud.com/vulnerabilities/25352 - vdb-entry, x_refsource_XF
http://secunia.com/advisories/19300 - third-party-advisory, x_refsource_SECUNIA
http://lists.suse.de/archive/suse-security-announce/2006-Mar/0009.html - vendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/bid/17171 - vdb-entry, x_refsource_BID
http://secunia.com/advisories/20461 - third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19405 - third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19811 - third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/1016 - vdb-entry, x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10156 - vdb-entry, signature, x_refsource_OVAL
http://www.freeradius.org/security.html - x_refsource_CONFIRM
http://www.debian.org/security/2006/dsa-1089 - vendor-advisory, x_refsource_DEBIAN
http://securitytracker.com/id?1015795 - vdb-entry, x_refsource_SECTRACK
http://rhn.redhat.com/errata/RHSA-2006-0271.html - vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/19527 - third-party-advisory, x_refsource_SECUNIA
http://www.trustix.org/errata/2006/0020 - vendor-advisory, x_refsource_TRUSTIX
http://www.mandriva.com/security/advisories?name=MDKSA-2006:060 - vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/19518 - third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:12:20.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-200604-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-03.xml"
          },
          {
            "name": "20060404-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
          },
          {
            "name": "freeradius-eap-mschapv2-auth-bypass(25352)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25352"
          },
          {
            "name": "19300",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19300"
          },
          {
            "name": "SUSE-SA:2006:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.de/archive/suse-security-announce/2006-Mar/0009.html"
          },
          {
            "name": "17171",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17171"
          },
          {
            "name": "20461",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20461"
          },
          {
            "name": "19405",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19405"
          },
          {
            "name": "19811",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19811"
          },
          {
            "name": "ADV-2006-1016",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1016"
          },
          {
            "name": "oval:org.mitre.oval:def:10156",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10156"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.freeradius.org/security.html"
          },
          {
            "name": "DSA-1089",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1089"
          },
          {
            "name": "1015795",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015795"
          },
          {
            "name": "RHSA-2006:0271",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0271.html"
          },
          {
            "name": "19527",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19527"
          },
          {
            "name": "2006-0020",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0020"
          },
          {
            "name": "MDKSA-2006:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:060"
          },
          {
            "name": "19518",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19518"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-03-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via \"Insufficient input validation\" in the EAP-MSCHAPv2 state machine module."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-200604-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-03.xml"
        },
        {
          "name": "20060404-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
        },
        {
          "name": "freeradius-eap-mschapv2-auth-bypass(25352)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25352"
        },
        {
          "name": "19300",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19300"
        },
        {
          "name": "SUSE-SA:2006:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.de/archive/suse-security-announce/2006-Mar/0009.html"
        },
        {
          "name": "17171",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17171"
        },
        {
          "name": "20461",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20461"
        },
        {
          "name": "19405",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19405"
        },
        {
          "name": "19811",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19811"
        },
        {
          "name": "ADV-2006-1016",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1016"
        },
        {
          "name": "oval:org.mitre.oval:def:10156",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10156"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.freeradius.org/security.html"
        },
        {
          "name": "DSA-1089",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1089"
        },
        {
          "name": "1015795",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015795"
        },
        {
          "name": "RHSA-2006:0271",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0271.html"
        },
        {
          "name": "19527",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19527"
        },
        {
          "name": "2006-0020",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0020"
        },
        {
          "name": "MDKSA-2006:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:060"
        },
        {
          "name": "19518",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19518"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-1354",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via \"Insufficient input validation\" in the EAP-MSCHAPv2 state machine module."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-200604-03",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-03.xml"
            },
            {
              "name": "20060404-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
            },
            {
              "name": "freeradius-eap-mschapv2-auth-bypass(25352)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25352"
            },
            {
              "name": "19300",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19300"
            },
            {
              "name": "SUSE-SA:2006:019",
              "refsource": "SUSE",
              "url": "http://lists.suse.de/archive/suse-security-announce/2006-Mar/0009.html"
            },
            {
              "name": "17171",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17171"
            },
            {
              "name": "20461",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20461"
            },
            {
              "name": "19405",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19405"
            },
            {
              "name": "19811",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19811"
            },
            {
              "name": "ADV-2006-1016",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1016"
            },
            {
              "name": "oval:org.mitre.oval:def:10156",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10156"
            },
            {
              "name": "http://www.freeradius.org/security.html",
              "refsource": "CONFIRM",
              "url": "http://www.freeradius.org/security.html"
            },
            {
              "name": "DSA-1089",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1089"
            },
            {
              "name": "1015795",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015795"
            },
            {
              "name": "RHSA-2006:0271",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2006-0271.html"
            },
            {
              "name": "19527",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19527"
            },
            {
              "name": "2006-0020",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2006/0020"
            },
            {
              "name": "MDKSA-2006:060",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:060"
            },
            {
              "name": "19518",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19518"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-1354",
    "datePublished": "2006-03-22T02:00:00",
    "dateReserved": "2006-03-21T00:00:00",
    "dateUpdated": "2024-08-07T17:12:20.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-1377
Vulnerability from cvelistv5
Published
2002-06-11 04:00
Modified
2024-08-08 04:51
Severity ?
Summary
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.
References
http://www.redhat.com/support/errata/RHSA-2002-030.html - vendor-advisory, x_refsource_REDHAT
http://www.iss.net/security_center/static/8354.php - vdb-entry, x_refsource_XF
http://www.kb.cert.org/vuls/id/936683 - third-party-advisory, x_refsource_CERT-VN
http://marc.info/?l=bugtraq&m=101537153021792&w=2 - mailing-list, x_refsource_BUGTRAQ
http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html - vendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/bid/4230 - vdb-entry, x_refsource_BID
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466 - vendor-advisory, x_refsource_CONECTIVA
http://www.cert.org/advisories/CA-2002-06.html - third-party-advisory, x_refsource_CERT
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc - vendor-advisory, x_refsource_FREEBSD
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:51:08.453Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2002:030",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
          },
          {
            "name": "radius-vendor-attribute-dos(8354)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8354.php"
          },
          {
            "name": "VU#936683",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/936683"
          },
          {
            "name": "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
          },
          {
            "name": "SuSE-SA:2002:013",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
          },
          {
            "name": "4230",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4230"
          },
          {
            "name": "CLA-2002:466",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
          },
          {
            "name": "CA-2002-06",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2002-06.html"
          },
          {
            "name": "FreeBSD-SN-02:02",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-11-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2002:030",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
        },
        {
          "name": "radius-vendor-attribute-dos(8354)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8354.php"
        },
        {
          "name": "VU#936683",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/936683"
        },
        {
          "name": "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
        },
        {
          "name": "SuSE-SA:2002:013",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
        },
        {
          "name": "4230",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4230"
        },
        {
          "name": "CLA-2002:466",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
        },
        {
          "name": "CA-2002-06",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2002-06.html"
        },
        {
          "name": "FreeBSD-SN-02:02",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1377",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2002:030",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
            },
            {
              "name": "radius-vendor-attribute-dos(8354)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8354.php"
            },
            {
              "name": "VU#936683",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/936683"
            },
            {
              "name": "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
            },
            {
              "name": "SuSE-SA:2002:013",
              "refsource": "SUSE",
              "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
            },
            {
              "name": "4230",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4230"
            },
            {
              "name": "CLA-2002:466",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
            },
            {
              "name": "CA-2002-06",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2002-06.html"
            },
            {
              "name": "FreeBSD-SN-02:02",
              "refsource": "FREEBSD",
              "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1377",
    "datePublished": "2002-06-11T04:00:00",
    "dateReserved": "2002-06-11T00:00:00",
    "dateUpdated": "2024-08-08T04:51:08.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-10984
Vulnerability from cvelistv5
Published
2017-07-17 16:00
Modified
2024-08-05 17:57
Severity ?
Summary
An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.
References
http://www.debian.org/security/2017/dsa-3930 (vendor-advisory, x_refsource_DEBIAN)
https://access.redhat.com/errata/RHSA-2017:2389 (vendor-advisory, x_refsource_REDHAT)
http://freeradius.org/security/fuzzer-2017.html (x_refsource_CONFIRM)
http://www.securityfocus.com/bid/99876 (vdb-entry, x_refsource_BID)
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:57.508Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-3930",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3930"
          },
          {
            "name": "RHSA-2017:2389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2389"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security/fuzzer-2017.html"
          },
          {
            "name": "99876",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99876"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows \"Write overflow in data2vp_wimax()\" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-3930",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3930"
        },
        {
          "name": "RHSA-2017:2389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2389"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security/fuzzer-2017.html"
        },
        {
          "name": "99876",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99876"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-10984",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows \"Write overflow in data2vp_wimax()\" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-3930",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3930"
            },
            {
              "name": "RHSA-2017:2389",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2389"
            },
            {
              "name": "http://freeradius.org/security/fuzzer-2017.html",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security/fuzzer-2017.html"
            },
            {
              "name": "99876",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99876"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-10984",
    "datePublished": "2017-07-17T16:00:00",
    "dateReserved": "2017-07-06T00:00:00",
    "dateUpdated": "2024-08-05T17:57:57.508Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0967
Vulnerability from cvelistv5
Published
2003-12-02 05:00
Modified
2024-08-08 02:12
Severity ?
Summary
rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:34.859Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20031120 Remote DoS in FreeRADIUS, all versions.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=106935911101493\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=freeradius-users\u0026m=106947389449613\u0026w=2"
          },
          {
            "name": "RHSA-2003:386",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-386.html"
          },
          {
            "name": "oval:org.mitre.oval:def:10917",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10917"
          },
          {
            "name": "20031121 FreeRADIUS 0.9.2 \"Tunnel-Password\" attribute Handling Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=106944220426970"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-11-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20031120 Remote DoS in FreeRADIUS, all versions.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=106935911101493\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://marc.info/?l=freeradius-users\u0026m=106947389449613\u0026w=2"
        },
        {
          "name": "RHSA-2003:386",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-386.html"
        },
        {
          "name": "oval:org.mitre.oval:def:10917",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10917"
        },
        {
          "name": "20031121 FreeRADIUS 0.9.2 \"Tunnel-Password\" attribute Handling Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=106944220426970"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0967",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20031120 Remote DoS in FreeRADIUS, all versions.",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=106935911101493\u0026w=2"
            },
            {
              "name": "http://marc.info/?l=freeradius-users\u0026m=106947389449613\u0026w=2",
              "refsource": "CONFIRM",
              "url": "http://marc.info/?l=freeradius-users\u0026m=106947389449613\u0026w=2"
            },
            {
              "name": "RHSA-2003:386",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-386.html"
            },
            {
              "name": "oval:org.mitre.oval:def:10917",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10917"
            },
            {
              "name": "20031121 FreeRADIUS 0.9.2 \"Tunnel-Password\" attribute Handling Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=106944220426970"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0967",
    "datePublished": "2003-12-02T05:00:00",
    "dateReserved": "2003-11-26T00:00:00",
    "dateUpdated": "2024-08-08T02:12:34.859Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-4966
Vulnerability from cvelistv5
Published
2013-03-12 22:00
Modified
2024-08-07 00:23
Severity ?
Summary
modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:23:39.372Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2013:0134",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0134.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHBA-2012-0881.html"
          },
          {
            "name": "openSUSE-SU-2013:0137",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00029.html"
          },
          {
            "name": "openSUSE-SU-2013:0191",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00079.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/alandekok/freeradius-server/commit/1b1ec5ce75e224bd1755650c18ccdaa6dc53e605"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-03-12T22:00:00Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2013:0134",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0134.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://rhn.redhat.com/errata/RHBA-2012-0881.html"
        },
        {
          "name": "openSUSE-SU-2013:0137",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00029.html"
        },
        {
          "name": "openSUSE-SU-2013:0191",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00079.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/alandekok/freeradius-server/commit/1b1ec5ce75e224bd1755650c18ccdaa6dc53e605"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-4966",
    "datePublished": "2013-03-12T22:00:00Z",
    "dateReserved": "2011-12-23T00:00:00Z",
    "dateUpdated": "2024-08-07T00:23:39.372Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13456
Vulnerability from cvelistv5
Published
2019-12-03 19:53
Modified
2024-08-04 23:49
Severity ?
Summary
In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the "Dragonblood" attack and CVE-2019-9494.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:25.031Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://freeradius.org/security/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpa3.mathyvanhoef.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737663"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/FreeRADIUS/freeradius-server/commit/3ea2a5a026e73d81cd9a3e9bbd4300c433004bfa"
          },
          {
            "name": "openSUSE-SU-2020:0553",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the \"Dragonblood\" attack and CVE-2019-9494."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-26T17:06:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://freeradius.org/security/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpa3.mathyvanhoef.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737663"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FreeRADIUS/freeradius-server/commit/3ea2a5a026e73d81cd9a3e9bbd4300c433004bfa"
        },
        {
          "name": "openSUSE-SU-2020:0553",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13456",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the \"Dragonblood\" attack and CVE-2019-9494."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://freeradius.org/security/",
              "refsource": "MISC",
              "url": "https://freeradius.org/security/"
            },
            {
              "name": "https://wpa3.mathyvanhoef.com",
              "refsource": "MISC",
              "url": "https://wpa3.mathyvanhoef.com"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1737663",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737663"
            },
            {
              "name": "https://github.com/FreeRADIUS/freeradius-server/commit/3ea2a5a026e73d81cd9a3e9bbd4300c433004bfa",
              "refsource": "CONFIRM",
              "url": "https://github.com/FreeRADIUS/freeradius-server/commit/3ea2a5a026e73d81cd9a3e9bbd4300c433004bfa"
            },
            {
              "name": "openSUSE-SU-2020:0553",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13456",
    "datePublished": "2019-12-03T19:53:53",
    "dateReserved": "2019-07-09T00:00:00",
    "dateUpdated": "2024-08-04T23:49:25.031Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-3596
Vulnerability from cvelistv5
Published
2024-07-09 12:02
Modified
2024-08-29 14:32
Severity ?
Summary
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ietf:rfc:2865:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "rfc",
            "vendor": "ietf",
            "versions": [
              {
                "status": "affected",
                "version": "2865"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3596",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-11T03:55:37.141738Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-24T20:18:28.202Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-29T14:32:14.851Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20240822-0001/"
          },
          {
            "url": "https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://datatracker.ietf.org/doc/html/rfc2865"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.blastradius.fail/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/09/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "RFC",
          "vendor": "IETF",
          "versions": [
            {
              "status": "affected",
              "version": "2865"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Thanks to Sharon Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl who researched and reported this vulnerability"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-328: Use of Weak Hash",
              "lang": "en"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "CWE-924 Improper Enforcement of Message Integrity During Transmission in a Communication Channel",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-09T14:08:23.145Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "url": "https://datatracker.ietf.org/doc/html/rfc2865"
        },
        {
          "url": "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/"
        },
        {
          "url": "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf"
        },
        {
          "url": "https://www.blastradius.fail/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/07/09/4"
        },
        {
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "RADIUS Protocol under RFC2865 is vulnerable to forgery attacks.",
      "x_generator": {
        "engine": "VINCE 3.0.4",
        "env": "prod",
        "origin": "https://cveawg.mitre.org/api/cve/CVE-2024-3596"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2024-3596",
    "datePublished": "2024-07-09T12:02:53.001Z",
    "dateReserved": "2024-04-10T15:09:45.391Z",
    "dateUpdated": "2024-08-29T14:32:14.851Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-4474
Vulnerability from cvelistv5
Published
2008-10-07 21:00
Modified
2024-08-07 10:17
Severity ?
Summary
freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:17:09.750Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33151",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33151"
          },
          {
            "name": "32170",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32170"
          },
          {
            "name": "[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://uvw.ru/report.lenny.txt"
          },
          {
            "name": "30901",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/30901"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496389"
          },
          {
            "name": "SUSE-SR:2008:028",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
          },
          {
            "name": "[debian-devel] 20080811 Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.debian.org/debian-devel/2008/08/msg00271.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.gentoo.org/~rbu/security/debiantemp/freeradius-dialupadmin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-08-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-11T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "33151",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33151"
        },
        {
          "name": "32170",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32170"
        },
        {
          "name": "[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://uvw.ru/report.lenny.txt"
        },
        {
          "name": "30901",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/30901"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496389"
        },
        {
          "name": "SUSE-SR:2008:028",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
        },
        {
          "name": "[debian-devel] 20080811 Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.debian.org/debian-devel/2008/08/msg00271.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.gentoo.org/~rbu/security/debiantemp/freeradius-dialupadmin"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-4474",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33151",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33151"
            },
            {
              "name": "32170",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32170"
            },
            {
              "name": "[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
            },
            {
              "name": "https://bugs.gentoo.org/show_bug.cgi?id=235770",
              "refsource": "CONFIRM",
              "url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
            },
            {
              "name": "http://uvw.ru/report.lenny.txt",
              "refsource": "MISC",
              "url": "http://uvw.ru/report.lenny.txt"
            },
            {
              "name": "30901",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/30901"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496389",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496389"
            },
            {
              "name": "SUSE-SR:2008:028",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
            },
            {
              "name": "[debian-devel] 20080811 Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages",
              "refsource": "MLIST",
              "url": "http://lists.debian.org/debian-devel/2008/08/msg00271.html"
            },
            {
              "name": "http://dev.gentoo.org/~rbu/security/debiantemp/freeradius-dialupadmin",
              "refsource": "CONFIRM",
              "url": "http://dev.gentoo.org/~rbu/security/debiantemp/freeradius-dialupadmin"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-4474",
    "datePublished": "2008-10-07T21:00:00",
    "dateReserved": "2008-10-07T00:00:00",
    "dateUpdated": "2024-08-07T10:17:09.750Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8763
Vulnerability from cvelistv5
Published
2017-03-27 17:00
Modified
2024-08-06 08:29
Severity ?
Summary
The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read.
References
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:21.729Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security.html#eap-pwd-2015"
          },
          {
            "name": "[oss-security] 20160108 Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-04-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-27T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security.html#eap-pwd-2015"
        },
        {
          "name": "[oss-security] 20160108 Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8763",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://freeradius.org/security.html#eap-pwd-2015",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security.html#eap-pwd-2015"
            },
            {
              "name": "[oss-security] 20160108 Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8763",
    "datePublished": "2017-03-27T17:00:00",
    "dateReserved": "2016-01-08T00:00:00",
    "dateUpdated": "2024-08-06T08:29:21.729Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-0080
Vulnerability from cvelistv5
Published
2007-01-05 11:00
Modified
2024-08-07 12:03
Severity ?
Summary
Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that exploitation is limited "only to local administrators who have write access to the server configuration files." CVE concurs with the dispute.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:03:37.018Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "32082",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/32082"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.freeradius.org/security.html"
          },
          {
            "name": "20070211 FreeRADIUS dispute of CVE-2007-0080",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-February/001304.html"
          },
          {
            "name": "1017463",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017463"
          },
          {
            "name": "freeradius-smbconnectserver-bo(31248)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31248"
          },
          {
            "name": "20070102 FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/455678/100/0/threaded"
          },
          {
            "name": "20070103 Re: FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/455812/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-01-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance.  NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that exploitation is limited \"only to local administrators who have write access to the server configuration files.\"  CVE concurs with the dispute"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "32082",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/32082"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.freeradius.org/security.html"
        },
        {
          "name": "20070211 FreeRADIUS dispute of CVE-2007-0080",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-February/001304.html"
        },
        {
          "name": "1017463",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017463"
        },
        {
          "name": "freeradius-smbconnectserver-bo(31248)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31248"
        },
        {
          "name": "20070102 FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/455678/100/0/threaded"
        },
        {
          "name": "20070103 Re: FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/455812/100/0/threaded"
        }
      ],
      "tags": [
        "disputed"
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-0080",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "** DISPUTED **  Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance.  NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that exploitation is limited \"only to local administrators who have write access to the server configuration files.\"  CVE concurs with the dispute."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "32082",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/32082"
            },
            {
              "name": "http://www.freeradius.org/security.html",
              "refsource": "MISC",
              "url": "http://www.freeradius.org/security.html"
            },
            {
              "name": "20070211 FreeRADIUS dispute of CVE-2007-0080",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-February/001304.html"
            },
            {
              "name": "1017463",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017463"
            },
            {
              "name": "freeradius-smbconnectserver-bo(31248)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31248"
            },
            {
              "name": "20070102 FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/455678/100/0/threaded"
            },
            {
              "name": "20070103 Re: FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/455812/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-0080",
    "datePublished": "2007-01-05T11:00:00",
    "dateReserved": "2007-01-04T00:00:00",
    "dateUpdated": "2024-08-07T12:03:37.018Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0960
Vulnerability from cvelistv5
Published
2004-10-20 04:00
Modified
2024-08-08 00:31
Severity ?
Summary
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.
References
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:48.219Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-200409-29",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
          },
          {
            "name": "11222",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11222"
          },
          {
            "name": "freeradius-dos(17440)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
          },
          {
            "name": "VU#541574",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/541574"
          },
          {
            "name": "oval:org.mitre.oval:def:11023",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-200409-29",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
        },
        {
          "name": "11222",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11222"
        },
        {
          "name": "freeradius-dos(17440)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
        },
        {
          "name": "VU#541574",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/541574"
        },
        {
          "name": "oval:org.mitre.oval:def:11023",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0960",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-200409-29",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
            },
            {
              "name": "11222",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11222"
            },
            {
              "name": "freeradius-dos(17440)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
            },
            {
              "name": "VU#541574",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/541574"
            },
            {
              "name": "oval:org.mitre.oval:def:11023",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0960",
    "datePublished": "2004-10-20T04:00:00",
    "dateReserved": "2004-10-18T00:00:00",
    "dateUpdated": "2024-08-08T00:31:48.219Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-10986
Vulnerability from cvelistv5
Published
2017-07-17 16:00
Modified
2024-08-05 17:57
Severity ?
Summary
An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()" and a denial of service.
References
http://www.securityfocus.com/bid/99971 (vdb-entry, x_refsource_BID)
http://www.debian.org/security/2017/dsa-3930 (vendor-advisory, x_refsource_DEBIAN)
https://access.redhat.com/errata/RHSA-2017:2389 (vendor-advisory, x_refsource_REDHAT)
http://freeradius.org/security/fuzzer-2017.html (x_refsource_CONFIRM)
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:56.835Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99971",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99971"
          },
          {
            "name": "DSA-3930",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3930"
          },
          {
            "name": "RHSA-2017:2389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2389"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security/fuzzer-2017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows \"DHCP - Infinite read in dhcp_attr2vp()\" and a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "99971",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99971"
        },
        {
          "name": "DSA-3930",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3930"
        },
        {
          "name": "RHSA-2017:2389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2389"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security/fuzzer-2017.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-10986",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows \"DHCP - Infinite read in dhcp_attr2vp()\" and a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99971",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99971"
            },
            {
              "name": "DSA-3930",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3930"
            },
            {
              "name": "RHSA-2017:2389",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2389"
            },
            {
              "name": "http://freeradius.org/security/fuzzer-2017.html",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security/fuzzer-2017.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-10986",
    "datePublished": "2017-07-17T16:00:00",
    "dateReserved": "2017-07-06T00:00:00",
    "dateUpdated": "2024-08-05T17:57:56.835Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-10985
Vulnerability from cvelistv5
Published
2017-07-17 16:00
Modified
2024-08-05 17:57
Severity ?
Summary
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service.
References
http://www.debian.org/security/2017/dsa-3930 (vendor-advisory, x_refsource_DEBIAN)
https://access.redhat.com/errata/RHSA-2017:2389 (vendor-advisory, x_refsource_REDHAT)
http://www.securityfocus.com/bid/99968 (vdb-entry, x_refsource_BID)
http://freeradius.org/security/fuzzer-2017.html (x_refsource_CONFIRM)
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:56.733Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-3930",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3930"
          },
          {
            "name": "RHSA-2017:2389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2389"
          },
          {
            "name": "99968",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99968"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security/fuzzer-2017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows \"Infinite loop and memory exhaustion with \u0027concat\u0027 attributes\" and a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-3930",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3930"
        },
        {
          "name": "RHSA-2017:2389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2389"
        },
        {
          "name": "99968",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99968"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security/fuzzer-2017.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-10985",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows \"Infinite loop and memory exhaustion with \u0027concat\u0027 attributes\" and a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-3930",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3930"
            },
            {
              "name": "RHSA-2017:2389",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2389"
            },
            {
              "name": "99968",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99968"
            },
            {
              "name": "http://freeradius.org/security/fuzzer-2017.html",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security/fuzzer-2017.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-10985",
    "datePublished": "2017-07-17T16:00:00",
    "dateReserved": "2017-07-06T00:00:00",
    "dateUpdated": "2024-08-05T17:57:56.733Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-10981
Vulnerability from cvelistv5
Published
2017-07-17 16:00
Modified
2024-08-05 17:57
Severity ?
Summary
An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service.
References
http://www.securitytracker.com/id/1038914 (vdb-entry, x_refsource_SECTRACK)
https://access.redhat.com/errata/RHSA-2017:1759 (vendor-advisory, x_refsource_REDHAT)
http://www.debian.org/security/2017/dsa-3930 (vendor-advisory, x_refsource_DEBIAN)
http://freeradius.org/security/fuzzer-2017.html (x_refsource_CONFIRM)
http://www.securityfocus.com/bid/99898 (vdb-entry, x_refsource_BID)
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:57.471Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038914",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038914"
          },
          {
            "name": "RHSA-2017:1759",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1759"
          },
          {
            "name": "DSA-3930",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3930"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security/fuzzer-2017.html"
          },
          {
            "name": "99898",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99898"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows \"DHCP - Memory leak in fr_dhcp_decode()\" and a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1038914",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038914"
        },
        {
          "name": "RHSA-2017:1759",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1759"
        },
        {
          "name": "DSA-3930",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3930"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security/fuzzer-2017.html"
        },
        {
          "name": "99898",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99898"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-10981",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows \"DHCP - Memory leak in fr_dhcp_decode()\" and a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1038914",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038914"
            },
            {
              "name": "RHSA-2017:1759",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1759"
            },
            {
              "name": "DSA-3930",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3930"
            },
            {
              "name": "http://freeradius.org/security/fuzzer-2017.html",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security/fuzzer-2017.html"
            },
            {
              "name": "99898",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99898"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-10981",
    "datePublished": "2017-07-17T16:00:00",
    "dateReserved": "2017-07-06T00:00:00",
    "dateUpdated": "2024-08-05T17:57:57.471Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-41860
Vulnerability from cvelistv5
Published
2023-01-17 00:00
Modified
2024-08-03 12:56
Severity ?
Summary
In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:56:38.237Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://freeradius.org/security/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/FreeRADIUS/freeradius-server/commit/f1cdbb33ec61c4a64a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "freeradius",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "All versions from 0.9.3 to 3.0.25"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-17T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://freeradius.org/security/"
        },
        {
          "url": "https://github.com/FreeRADIUS/freeradius-server/commit/f1cdbb33ec61c4a64a"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-41860",
    "datePublished": "2023-01-17T00:00:00",
    "dateReserved": "2022-09-30T00:00:00",
    "dateUpdated": "2024-08-03T12:56:38.237Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-17185
Vulnerability from cvelistv5
Published
2020-03-21 00:13
Modified
2024-08-05 01:33
Severity ?
Summary
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This means multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:33:17.262Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://freeradius.org/security/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_0_20"
          },
          {
            "name": "openSUSE-SU-2020:0553",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This mean multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-26T17:06:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://freeradius.org/security/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_0_20"
        },
        {
          "name": "openSUSE-SU-2020:0553",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-17185",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This mean multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://freeradius.org/security/",
              "refsource": "MISC",
              "url": "https://freeradius.org/security/"
            },
            {
              "name": "https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_0_20",
              "refsource": "CONFIRM",
              "url": "https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_0_20"
            },
            {
              "name": "openSUSE-SU-2020:0553",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-17185",
    "datePublished": "2020-03-21T00:13:05",
    "dateReserved": "2019-10-04T00:00:00",
    "dateUpdated": "2024-08-05T01:33:17.262Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2002-0318
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:42
Severity ?
Summary
FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets.
References
http://marc.info/?l=bugtraq&m=101440113410083&w=2 — mailing-list, x_refsource_BUGTRAQ
http://www.iss.net/security_center/static/9968.php — vdb-entry, x_refsource_XF
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:42:29.248Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20020221 DoS Attack against many RADIUS servers",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=101440113410083\u0026w=2"
          },
          {
            "name": "freeradius-access-request-dos(9968)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/9968.php"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-02-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2003-03-20T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20020221 DoS Attack against many RADIUS servers",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=101440113410083\u0026w=2"
        },
        {
          "name": "freeradius-access-request-dos(9968)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/9968.php"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0318",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020221 DoS Attack against many RADIUS servers",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=101440113410083\u0026w=2"
            },
            {
              "name": "freeradius-access-request-dos(9968)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/9968.php"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0318",
    "datePublished": "2003-04-02T05:00:00",
    "dateReserved": "2002-05-01T00:00:00",
    "dateUpdated": "2024-08-08T02:42:29.248Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-3697
Vulnerability from cvelistv5
Published
2010-10-07 20:21
Modified
2024-08-07 03:18
Severity ?
Summary
The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x before 2.1.10, in certain circumstances involving long-term database outages, does not properly handle long queue times for requests, which allows remote attackers to cause a denial of service (daemon crash) by sending many requests.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:52.656Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "41621",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41621"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://github.com/alandekok/freeradius-server/commit/ff94dd35673bba1476594299d31ce8293b8bd223"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=35"
          },
          {
            "name": "[oss-security] 20101001 CVE request: freeradius",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/10/01/3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/press/index.html#2.1.10"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639397"
          },
          {
            "name": "[oss-security] 20101001 Re: CVE request: freeradius",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/10/01/8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x before 2.1.10, in certain circumstances involving long-term database outages, does not properly handle long queue times for requests, which allows remote attackers to cause a denial of service (daemon crash) by sending many requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-10-07T20:21:00Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "41621",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41621"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://github.com/alandekok/freeradius-server/commit/ff94dd35673bba1476594299d31ce8293b8bd223"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=35"
        },
        {
          "name": "[oss-security] 20101001 CVE request: freeradius",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/10/01/3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/press/index.html#2.1.10"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639397"
        },
        {
          "name": "[oss-security] 20101001 Re: CVE request: freeradius",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/10/01/8"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-3697",
    "datePublished": "2010-10-07T20:21:00Z",
    "dateReserved": "2010-10-01T00:00:00Z",
    "dateUpdated": "2024-08-07T03:18:52.656Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-10979
Vulnerability from cvelistv5
Published
2017-07-17 16:00
Modified
2024-08-05 17:57
Severity ?
Summary
An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in rad_coalesce()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.
References
http://www.securitytracker.com/id/1038914 — vdb-entry, x_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2017:1759 — vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2017/dsa-3930 — vendor-advisory, x_refsource_DEBIAN
http://freeradius.org/security/fuzzer-2017.html — x_refsource_CONFIRM
http://www.securityfocus.com/bid/99901 — vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:56.375Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038914",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038914"
          },
          {
            "name": "RHSA-2017:1759",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1759"
          },
          {
            "name": "DSA-3930",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3930"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security/fuzzer-2017.html"
          },
          {
            "name": "99901",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99901"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows \"Write overflow in rad_coalesce()\" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1038914",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038914"
        },
        {
          "name": "RHSA-2017:1759",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1759"
        },
        {
          "name": "DSA-3930",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3930"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security/fuzzer-2017.html"
        },
        {
          "name": "99901",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99901"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-10979",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows \"Write overflow in rad_coalesce()\" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1038914",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038914"
            },
            {
              "name": "RHSA-2017:1759",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1759"
            },
            {
              "name": "DSA-3930",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3930"
            },
            {
              "name": "http://freeradius.org/security/fuzzer-2017.html",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security/fuzzer-2017.html"
            },
            {
              "name": "99901",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99901"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-10979",
    "datePublished": "2017-07-17T16:00:00",
    "dateReserved": "2017-07-06T00:00:00",
    "dateUpdated": "2024-08-05T17:57:56.375Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-3696
Vulnerability from cvelistv5
Published
2010-10-07 20:21
Modified
2024-08-07 03:18
Severity ?
Summary
The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in certain non-default builds, does not properly handle the DHCP Relay Agent Information option, which allows remote attackers to cause a denial of service (infinite loop and daemon outage) via a packet that has more than one sub-option. NOTE: some of these details are obtained from third party information.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:52.999Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://github.com/alandekok/freeradius-server/commit/4dc7800b866f889a1247685bbaa6dd4238a56279"
          },
          {
            "name": "41621",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41621"
          },
          {
            "name": "[oss-security] 20101001 CVE request: freeradius",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/10/01/3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/press/index.html#2.1.10"
          },
          {
            "name": "[oss-security] 20101001 Re: CVE request: freeradius",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/10/01/8"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=77"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639390"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in certain non-default builds, does not properly handle the DHCP Relay Agent Information option, which allows remote attackers to cause a denial of service (infinite loop and daemon outage) via a packet that has more than one sub-option.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-10-07T20:21:00Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://github.com/alandekok/freeradius-server/commit/4dc7800b866f889a1247685bbaa6dd4238a56279"
        },
        {
          "name": "41621",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41621"
        },
        {
          "name": "[oss-security] 20101001 CVE request: freeradius",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/10/01/3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/press/index.html#2.1.10"
        },
        {
          "name": "[oss-security] 20101001 Re: CVE request: freeradius",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/10/01/8"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=77"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639390"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-3696",
    "datePublished": "2010-10-07T20:21:00Z",
    "dateReserved": "2010-10-01T00:00:00Z",
    "dateUpdated": "2024-08-07T03:18:52.999Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-1376
Vulnerability from cvelistv5
Published
2002-06-11 04:00
Modified
2024-08-08 04:51
Severity ?
Summary
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.
References
http://www.redhat.com/support/errata/RHSA-2002-030.html — vendor-advisory, x_refsource_REDHAT
http://online.securityfocus.com/archive/1/239784 — mailing-list, x_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/7534 — vdb-entry, x_refsource_XF
http://www.kb.cert.org/vuls/id/589523 — third-party-advisory, x_refsource_CERT-VN
http://marc.info/?l=bugtraq&m=101537153021792&w=2 — mailing-list, x_refsource_BUGTRAQ
http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html — vendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/bid/3530 — vdb-entry, x_refsource_BID
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466 — vendor-advisory, x_refsource_CONECTIVA
http://www.cert.org/advisories/CA-2002-06.html — third-party-advisory, x_refsource_CERT
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:51:08.227Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2002:030",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
          },
          {
            "name": "20011113 More problems with RADIUS (protocol and implementations)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/archive/1/239784"
          },
          {
            "name": "radius-message-digest-bo(7534)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7534"
          },
          {
            "name": "VU#589523",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/589523"
          },
          {
            "name": "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
          },
          {
            "name": "SuSE-SA:2002:013",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
          },
          {
            "name": "3530",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3530"
          },
          {
            "name": "CLA-2002:466",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
          },
          {
            "name": "CA-2002-06",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2002-06.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-11-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2002:030",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
        },
        {
          "name": "20011113 More problems with RADIUS (protocol and implementations)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://online.securityfocus.com/archive/1/239784"
        },
        {
          "name": "radius-message-digest-bo(7534)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7534"
        },
        {
          "name": "VU#589523",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/589523"
        },
        {
          "name": "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
        },
        {
          "name": "SuSE-SA:2002:013",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
        },
        {
          "name": "3530",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3530"
        },
        {
          "name": "CLA-2002:466",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
        },
        {
          "name": "CA-2002-06",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2002-06.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1376",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2002:030",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
            },
            {
              "name": "20011113 More problems with RADIUS (protocol and implementations)",
              "refsource": "BUGTRAQ",
              "url": "http://online.securityfocus.com/archive/1/239784"
            },
            {
              "name": "radius-message-digest-bo(7534)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7534"
            },
            {
              "name": "VU#589523",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/589523"
            },
            {
              "name": "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
            },
            {
              "name": "SuSE-SA:2002:013",
              "refsource": "SUSE",
              "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
            },
            {
              "name": "3530",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3530"
            },
            {
              "name": "CLA-2002:466",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
            },
            {
              "name": "CA-2002-06",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2002-06.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1376",
    "datePublished": "2002-06-11T04:00:00",
    "dateReserved": "2002-06-11T00:00:00",
    "dateUpdated": "2024-08-08T04:51:08.227Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-10978
Vulnerability from cvelistv5
Published
2017-07-17 16:00
Modified
2024-08-05 17:57
Severity ?
Summary
An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.
References
http://www.securitytracker.com/id/1038914 [vdb-entry, x_refsource_SECTRACK]
http://www.securityfocus.com/bid/99893 [vdb-entry, x_refsource_BID]
https://access.redhat.com/errata/RHSA-2017:1759 [vendor-advisory, x_refsource_REDHAT]
http://www.debian.org/security/2017/dsa-3930 [vendor-advisory, x_refsource_DEBIAN]
https://access.redhat.com/errata/RHSA-2017:2389 [vendor-advisory, x_refsource_REDHAT]
http://freeradius.org/security/fuzzer-2017.html [x_refsource_CONFIRM]
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:56.657Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038914",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038914"
          },
          {
            "name": "99893",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99893"
          },
          {
            "name": "RHSA-2017:1759",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1759"
          },
          {
            "name": "DSA-3930",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3930"
          },
          {
            "name": "RHSA-2017:2389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2389"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security/fuzzer-2017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows \"Read / write overflow in make_secret()\" and a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1038914",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038914"
        },
        {
          "name": "99893",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99893"
        },
        {
          "name": "RHSA-2017:1759",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1759"
        },
        {
          "name": "DSA-3930",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3930"
        },
        {
          "name": "RHSA-2017:2389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2389"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security/fuzzer-2017.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-10978",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows \"Read / write overflow in make_secret()\" and a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1038914",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038914"
            },
            {
              "name": "99893",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99893"
            },
            {
              "name": "RHSA-2017:1759",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1759"
            },
            {
              "name": "DSA-3930",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3930"
            },
            {
              "name": "RHSA-2017:2389",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2389"
            },
            {
              "name": "http://freeradius.org/security/fuzzer-2017.html",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security/fuzzer-2017.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-10978",
    "datePublished": "2017-07-17T16:00:00",
    "dateReserved": "2017-07-06T00:00:00",
    "dateUpdated": "2024-08-05T17:57:56.657Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0968
Vulnerability from cvelistv5
Published
2003-12-02 05:00
Modified
2024-08-08 02:12
Severity ?
Summary
Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute.
References
http://marc.info/?l=bugtraq&m=106986437621130&w=2 [mailing-list, x_refsource_BUGTRAQ]
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:35.688Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20031126 FreeRADIUS \u003c= 0.9.3 rlm_smb module stack overflow vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=106986437621130\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-11-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20031126 FreeRADIUS \u003c= 0.9.3 rlm_smb module stack overflow vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=106986437621130\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0968",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20031126 FreeRADIUS \u003c= 0.9.3 rlm_smb module stack overflow vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=106986437621130\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0968",
    "datePublished": "2003-12-02T05:00:00",
    "dateReserved": "2003-11-26T00:00:00",
    "dateUpdated": "2024-08-08T02:12:35.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8764
Vulnerability from cvelistv5
Published
2017-03-27 17:00
Modified
2024-08-06 08:29
Severity ?
Summary
Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow.
References
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:21.944Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://freeradius.org/security.html#eap-pwd-2015"
          },
          {
            "name": "[oss-security] 20160108 Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-04-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-27T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://freeradius.org/security.html#eap-pwd-2015"
        },
        {
          "name": "[oss-security] 20160108 Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8764",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://freeradius.org/security.html#eap-pwd-2015",
              "refsource": "CONFIRM",
              "url": "http://freeradius.org/security.html#eap-pwd-2015"
            },
            {
              "name": "[oss-security] 20160108 Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8764",
    "datePublished": "2017-03-27T17:00:00",
    "dateReserved": "2016-01-08T00:00:00",
    "dateUpdated": "2024-08-06T08:29:21.944Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:05
Severity ?
Summary
Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the external database query to fail. NOTE: this single issue is part of a larger-scale disclosure, originally by SUSE, which reported multiple issues that were disputed by FreeRADIUS. Disputed issues included file descriptor leaks, memory disclosure, LDAP injection, and other issues. Without additional information, the most recent FreeRADIUS report is being regarded as the authoritative source for this CVE identifier.
References
secalert@redhat.com — ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
secalert@redhat.com — http://rhn.redhat.com/errata/RHSA-2006-0271.html
secalert@redhat.com — http://secunia.com/advisories/16712 [Vendor Advisory]
secalert@redhat.com — http://secunia.com/advisories/19497
secalert@redhat.com — http://secunia.com/advisories/19518
secalert@redhat.com — http://secunia.com/advisories/19811
secalert@redhat.com — http://secunia.com/advisories/20461
secalert@redhat.com — http://www.debian.org/security/2006/dsa-1089
secalert@redhat.com — http://www.freeradius.org/security/20050909-response-to-suse.txt
secalert@redhat.com — http://www.freeradius.org/security/20050909-vendor-sec.txt
secalert@redhat.com — http://www.securityfocus.com/bid/14775 [Patch]
secalert@redhat.com — http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:066
secalert@redhat.com — https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167676
secalert@redhat.com — https://exchange.xforce.ibmcloud.com/vulnerabilities/22211
secalert@redhat.com — https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10449
af854a3a-2127-422b-91ae-364da2661108 — ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
af854a3a-2127-422b-91ae-364da2661108 — http://rhn.redhat.com/errata/RHSA-2006-0271.html
af854a3a-2127-422b-91ae-364da2661108 — http://secunia.com/advisories/16712 [Vendor Advisory]
af854a3a-2127-422b-91ae-364da2661108 — http://secunia.com/advisories/19497
af854a3a-2127-422b-91ae-364da2661108 — http://secunia.com/advisories/19518
af854a3a-2127-422b-91ae-364da2661108 — http://secunia.com/advisories/19811
af854a3a-2127-422b-91ae-364da2661108 — http://secunia.com/advisories/20461
af854a3a-2127-422b-91ae-364da2661108 — http://www.debian.org/security/2006/dsa-1089
af854a3a-2127-422b-91ae-364da2661108 — http://www.freeradius.org/security/20050909-response-to-suse.txt
af854a3a-2127-422b-91ae-364da2661108 — http://www.freeradius.org/security/20050909-vendor-sec.txt
af854a3a-2127-422b-91ae-364da2661108 — http://www.securityfocus.com/bid/14775 [Patch]
af854a3a-2127-422b-91ae-364da2661108 — http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:066
af854a3a-2127-422b-91ae-364da2661108 — https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167676
af854a3a-2127-422b-91ae-364da2661108 — https://exchange.xforce.ibmcloud.com/vulnerabilities/22211
af854a3a-2127-422b-91ae-364da2661108 — https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10449
Impacted products
Vendor Product Version
freeradius freeradius 1.0.3
freeradius freeradius 1.0.4



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F03F8FE-80BA-41A3-85CE-FFB6A18E6DCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C48FE12-68CB-462D-B75E-204894325F5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the external database query to fail.  NOTE: this single issue is part of a larger-scale disclosure, originally by SUSE, which reported multiple issues that were disputed by FreeRADIUS.  Disputed issues included file descriptor leaks, memory disclosure, LDAP injection, and other issues.  Without additional information, the most recent FreeRADIUS report is being regarded as the authoritative source for this CVE identifier."
    }
  ],
  "evaluatorComment": "The vendor has released version 1.0.5 of FreeRADIUS to address these issues.",
  "id": "CVE-2005-4744",
  "lastModified": "2024-11-21T00:05:04.687",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0271.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16712"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19497"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19518"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/20461"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1089"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.freeradius.org/security/20050909-response-to-suse.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.freeradius.org/security/20050909-vendor-sec.txt"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/14775"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:066"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167676"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22211"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10449"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0271.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16712"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19497"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19518"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20461"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.freeradius.org/security/20050909-response-to-suse.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.freeradius.org/security/20050909-vendor-sec.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/14775"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167676"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10449"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-05-19 04:00
Modified
2024-11-20 23:57
Severity ?
Summary
SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) group_membership_query, (2) simul_count_query, or (3) simul_verify_query configuration entries.
References
secalert@redhat.com — http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html
secalert@redhat.com — http://www.freeradius.org/security.html
secalert@redhat.com — http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml [Patch]
secalert@redhat.com — http://www.novell.com/linux/security/advisories/2005_14_sr.html
secalert@redhat.com — http://www.redhat.com/support/errata/RHSA-2005-524.html
secalert@redhat.com — http://www.securityfocus.com/bid/13540 [Patch]
secalert@redhat.com — http://www.securitytracker.com/alerts/2005/May/1013909.html
secalert@redhat.com — https://exchange.xforce.ibmcloud.com/vulnerabilities/20449
secalert@redhat.com — https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9610
af854a3a-2127-422b-91ae-364da2661108 — http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html
af854a3a-2127-422b-91ae-364da2661108 — http://www.freeradius.org/security.html
af854a3a-2127-422b-91ae-364da2661108 — http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml [Patch]
af854a3a-2127-422b-91ae-364da2661108 — http://www.novell.com/linux/security/advisories/2005_14_sr.html
af854a3a-2127-422b-91ae-364da2661108 — http://www.redhat.com/support/errata/RHSA-2005-524.html
af854a3a-2127-422b-91ae-364da2661108 — http://www.securityfocus.com/bid/13540 [Patch]
af854a3a-2127-422b-91ae-364da2661108 — http://www.securitytracker.com/alerts/2005/May/1013909.html
af854a3a-2127-422b-91ae-364da2661108 — https://exchange.xforce.ibmcloud.com/vulnerabilities/20449
af854a3a-2127-422b-91ae-364da2661108 — https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9610
Impacted products
Vendor Product Version
freeradius freeradius 1.0.2



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95ADE53-BFBE-4B06-A1BF-EF576D567554",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) group_membership_query, (2) simul_count_query, or (3) simul_verify_query configuration entries."
    }
  ],
  "id": "CVE-2005-1454",
  "lastModified": "2024-11-20T23:57:23.160",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-05-19T04:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_14_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-524.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/13540"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/alerts/2005/May/1013909.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20449"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9610"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_14_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-524.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/13540"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/alerts/2005/May/1013909.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20449"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9610"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-07-09 12:15
Modified
2024-12-30 19:23
Severity ?
Summary
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C73FF4C-13DE-4050-BD56-447F9382AA4D",
              "versionEndExcluding": "3.0.27",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:brocade_sannav:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75B1EDA5-F189-440D-AD0E-C70DD2C0FEE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:broadcom:fabric_operating_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "046FB51E-B768-44D3-AEB5-D857145CA840",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sonicwall:sonicos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CF61DAA-8295-4407-B125-1714E1565965",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature."
    },
    {
      "lang": "es",
      "value": "El protocolo RADIUS seg\u00fan RFC 2865 es susceptible a ataques de falsificaci\u00f3n por parte de un atacante local que puede modificar cualquier respuesta v\u00e1lida (acceso-aceptaci\u00f3n, acceso-rechazo o acceso-desaf\u00edo) a cualquier otra respuesta utilizando un ataque de colisi\u00f3n de prefijo elegido contra la firma del autenticador de respuesta MD5."
    }
  ],
  "id": "CVE-2024-3596",
  "lastModified": "2024-12-30T19:23:20.437",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-07-09T12:15:20.700",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2024/07/09/4"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Technical Description"
      ],
      "url": "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Technical Description"
      ],
      "url": "https://datatracker.ietf.org/doc/html/rfc2865"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Technical Description"
      ],
      "url": "https://www.blastradius.fail/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2024/07/09/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description"
      ],
      "url": "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description"
      ],
      "url": "https://datatracker.ietf.org/doc/html/rfc2865"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20240822-0001/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description"
      ],
      "url": "https://www.blastradius.fail/"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-354"
        },
        {
          "lang": "en",
          "value": "CWE-924"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-03-27 17:59
Modified
2024-11-21 02:39
Summary
The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "388D7673-6BA7-4113-86E1-00F9A60C8796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5B5D50-C251-4569-9D2C-49FB64702646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A693BD6B-BCFF-461B-B71D-4E6F7A614979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E1D867F-7147-4C97-927B-C10404CC2985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD8346B-8A41-43DF-9AFE-06E3546B6AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C30EB50-6BCD-44E4-906A-618ACCF627DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C129A8-59C9-4780-8454-4EB112DF0B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C228DD-0EB3-4348-8D7A-D17A59E92013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2400422C-8E52-4946-BE83-AA7167F0F703",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read."
    },
    {
      "lang": "es",
      "value": "El m\u00f3dulo EAP-PWD en FreeRADIUS 3.0 hasta la versi\u00f3n 3.0.8 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s (1) commit o (2) confirmar mensaje, lo que desencadena una lectura fuera de l\u00edmites."
    }
  ],
  "id": "CVE-2015-8763",
  "lastModified": "2024-11-21T02:39:07.933",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-03-27T17:59:00.320",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://freeradius.org/security.html#eap-pwd-2015"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://freeradius.org/security.html#eap-pwd-2015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-03-27 17:59
Modified
2024-11-21 02:39
Summary
The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "388D7673-6BA7-4113-86E1-00F9A60C8796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5B5D50-C251-4569-9D2C-49FB64702646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A693BD6B-BCFF-461B-B71D-4E6F7A614979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E1D867F-7147-4C97-927B-C10404CC2985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD8346B-8A41-43DF-9AFE-06E3546B6AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C30EB50-6BCD-44E4-906A-618ACCF627DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C129A8-59C9-4780-8454-4EB112DF0B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C228DD-0EB3-4348-8D7A-D17A59E92013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2400422C-8E52-4946-BE83-AA7167F0F703",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet."
    },
    {
      "lang": "es",
      "value": "El m\u00f3dulo EAP-PWD en FreeRADIUS 3.0 hasta la versi\u00f3n 3.0.8 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda del servidor) a trav\u00e9s de un paquete EAP-PWD de longitud cero."
    }
  ],
  "id": "CVE-2015-8762",
  "lastModified": "2024-11-21T02:39:07.793",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-03-27T17:59:00.290",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://freeradius.org/security.html#eap-pwd-2015"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://freeradius.org/security.html#eap-pwd-2015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-07-17 17:29
Modified
2024-11-21 03:06
Severity ?
Summary
An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in rad_coalesce()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1F041B7-4DDB-406E-8A89-D2DDABD4AF96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5DA3BD5F-8CB9-4907-92C5-7A4E884CE1D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "3D7056CF-FF7C-4175-907A-A47984A82CB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4A43D5-03CA-4AAA-98A8-4EC86EC3EACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDB64CF-D48E-4E3E-A1E8-B6AE330A6C99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "25BF923C-F7CD-4232-8613-B1F09C7B9A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A113B67-B9B6-421C-9EC9-E1FB462A4214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6518E4DA-9531-4135-8462-A9E3BDD7AE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B92B1F7-8139-4D5A-9461-0C7314BCCBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5CAEB64-0676-4C18-8255-DACDA612188E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F7A434-49DC-4005-9161-F2B49559621F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A54D59A-B832-4EE3-A8D6-A85EC17C268A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D494932F-F639-44BE-B15C-7F07A67B0502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D45784-C53B-4A11-B1B3-BC68B514002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E969979B-2852-453D-AF48-A462448D4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E56E3E2-9142-47F5-B53E-61ACE4FA9A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE0CFEA6-1AC0-41AA-BEF0-16FE1A933758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C593C44B-CB2B-4C38-A44D-BA1BC9BF3CDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "908DA549-0EE5-4B85-961F-1C67210F6AED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "91FBBBC1-7106-4DA1-BBCF-9D776BB082ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B421C2D-290B-4439-BED6-4C0AEBAF484B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09685697-9D74-4ECA-ACB0-DF08A1442DF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D536C78-5619-4B01-A838-EB348B6D947E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3482E5-E818-40CE-A061-4469F3CAC702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2595550B-8820-471A-9D23-C40A848B73FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D7F150-6B47-44B8-82A9-5E03AC83B05D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5600607D-209E-4A7B-AC82-657638232D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C236E624-8DE0-46CD-A9F1-951D1CDD9F58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "11403C9E-7217-43AF-9BF4-371FA2623C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A2EC8C-840A-4DB2-8038-7E0E2D704EA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows \"Write overflow in rad_coalesce()\" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "Un problema FR-GV-202 en FreeRADIUS versi\u00f3n 2.x anterior a 2.2.10, permite un \"Write overflow in rad_coalesce()\" - esto permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo del demonio) o posiblemente ejecutar c\u00f3digo arbitrario."
    }
  ],
  "id": "CVE-2017-10979",
  "lastModified": "2024-11-21T03:06:52.587",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T17:29:00.210",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/99901"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038914"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/99901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1759"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2011-08-04 02:45
Modified
2024-11-21 01:28
Severity ?
Summary
The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when OCSP is enabled, does not properly parse replies from OCSP responders, which allows remote attackers to bypass authentication by using the EAP-TLS protocol with a revoked X.509 client certificate.
References
secalert@redhat.com | http://secunia.com/advisories/45425 | Vendor Advisory
secalert@redhat.com | http://securityreason.com/securityalert/8325
secalert@redhat.com | http://securitytracker.com/id?1025833
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2011/07/15/6
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2011/07/18/2
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2011/07/20/9
secalert@redhat.com | http://www.securityfocus.com/archive/1/518974/100/0/threaded
secalert@redhat.com | http://www.securityfocus.com/bid/48880
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=724815 | Patch
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/68782
secalert@redhat.com | https://www.dfn-cert.de/informationen/Sicherheitsbulletins/dsb-2011-01.html
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45425 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/8325
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1025833
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2011/07/15/6
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2011/07/18/2
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2011/07/20/9
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/518974/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/48880
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=724815 | Patch
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/68782
af854a3a-2127-422b-91ae-364da2661108 | https://www.dfn-cert.de/informationen/Sicherheitsbulletins/dsb-2011-01.html
Impacted products
Vendor Product Version
freeradius freeradius 2.1.11



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "908DA549-0EE5-4B85-961F-1C67210F6AED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when OCSP is enabled, does not properly parse replies from OCSP responders, which allows remote attackers to bypass authentication by using the EAP-TLS protocol with a revoked X.509 client certificate."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n ocsp_check de rlm_eap_tls.c de FreeRADIUS 2.1.11, si OCSP est\u00e1 habilitado, no analiza correctamente la sintaxis (\"parse\") de las respuestas de los agentes transmisores OCSP, lo que permite a atacantes remotos evitar la autenticaci\u00f3n usando el protocolo EAP-TLS con un certificado cliente X.509 revocado."
    }
  ],
  "id": "CVE-2011-2701",
  "lastModified": "2024-11-21T01:28:47.547",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-08-04T02:45:32.297",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securityreason.com/securityalert/8325"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1025833"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/07/15/6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/07/18/2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2011/07/20/9"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/518974/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/48880"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=724815"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68782"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.dfn-cert.de/informationen/Sicherheitsbulletins/dsb-2011-01.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/8325"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1025833"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/07/15/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/07/18/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2011/07/20/9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/518974/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/48880"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=724815"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68782"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.dfn-cert.de/informationen/Sicherheitsbulletins/dsb-2011-01.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-03-21 01:15
Modified
2024-11-21 04:31
Summary
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This means multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack.
Impacted products
Vendor Product Version
freeradius freeradius *
opensuse leap 15.1



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02C9C42A-8038-4469-9745-5A19023A96ED",
              "versionEndExcluding": "3.0.20",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This mean multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack."
    },
    {
      "lang": "es",
      "value": "En FreeRADIUS versiones 3.0.x anteriores a 3.0.20, el m\u00f3dulo EAP-pwd utiliz\u00f3 una instancia OpenSSL BN_CTX global para manejar todos los protocolos de enlace. Esto significa que varios subprocesos utilizan la misma instancia de BN_CTX simult\u00e1neamente, resultando en bloqueos cuando los protocolos de enlace EAP-pwd son iniciados. Esto puede ser abusado por un adversario como un ataque de Denegaci\u00f3n de Servicio (DoS)."
    }
  ],
  "id": "CVE-2019-17185",
  "lastModified": "2024-11-21T04:31:49.137",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-03-21T01:15:12.243",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_0_20"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_0_20"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-662"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-07-17 17:29
Modified
2024-11-21 03:06
Summary
An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1F041B7-4DDB-406E-8A89-D2DDABD4AF96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5DA3BD5F-8CB9-4907-92C5-7A4E884CE1D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "3D7056CF-FF7C-4175-907A-A47984A82CB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4A43D5-03CA-4AAA-98A8-4EC86EC3EACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDB64CF-D48E-4E3E-A1E8-B6AE330A6C99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "25BF923C-F7CD-4232-8613-B1F09C7B9A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A113B67-B9B6-421C-9EC9-E1FB462A4214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6518E4DA-9531-4135-8462-A9E3BDD7AE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B92B1F7-8139-4D5A-9461-0C7314BCCBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5CAEB64-0676-4C18-8255-DACDA612188E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F7A434-49DC-4005-9161-F2B49559621F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A54D59A-B832-4EE3-A8D6-A85EC17C268A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D494932F-F639-44BE-B15C-7F07A67B0502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D45784-C53B-4A11-B1B3-BC68B514002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E969979B-2852-453D-AF48-A462448D4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E56E3E2-9142-47F5-B53E-61ACE4FA9A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE0CFEA6-1AC0-41AA-BEF0-16FE1A933758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C593C44B-CB2B-4C38-A44D-BA1BC9BF3CDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "908DA549-0EE5-4B85-961F-1C67210F6AED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "91FBBBC1-7106-4DA1-BBCF-9D776BB082ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B421C2D-290B-4439-BED6-4C0AEBAF484B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09685697-9D74-4ECA-ACB0-DF08A1442DF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D536C78-5619-4B01-A838-EB348B6D947E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3482E5-E818-40CE-A061-4469F3CAC702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2595550B-8820-471A-9D23-C40A848B73FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D7F150-6B47-44B8-82A9-5E03AC83B05D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5600607D-209E-4A7B-AC82-657638232D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C236E624-8DE0-46CD-A9F1-951D1CDD9F58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "11403C9E-7217-43AF-9BF4-371FA2623C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A2EC8C-840A-4DB2-8038-7E0E2D704EA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows \"DHCP - Memory leak in fr_dhcp_decode()\" and a denial of service."
    },
    {
      "lang": "es",
      "value": "Un problema FR-GV-204 en FreeRADIUS versi\u00f3n 2.x anterior a 2.2.10, permite una \"DHCP - Memory leak in fr_dhcp_decode()\" y una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2017-10981",
  "lastModified": "2024-11-21T03:06:52.920",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T17:29:00.273",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/99898"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038914"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/99898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1759"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-772"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-04-05 17:59
Modified
2024-11-21 02:31
Summary
FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.
References
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00010.html | Third Party Advisory
cve@mitre.org | http://packetstormsecurity.com/files/132415/FreeRADIUS-Insufficient-CRL-Application.html | Patch, Third Party Advisory, VDB Entry
cve@mitre.org | http://www.ocert.org/advisories/ocert-2015-008.html | Patch, Third Party Advisory
cve@mitre.org | http://www.securityfocus.com/archive/1/535810/100/0/threaded
cve@mitre.org | http://www.securityfocus.com/bid/75327 | Third Party Advisory, VDB Entry
cve@mitre.org | http://www.securitytracker.com/id/1032690 | Third Party Advisory, VDB Entry
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1234975 | Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00010.html | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/132415/FreeRADIUS-Insufficient-CRL-Application.html | Patch, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 | http://www.ocert.org/advisories/ocert-2015-008.html | Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/535810/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75327 | Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032690 | Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1234975 | Issue Tracking, Patch



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "388D7673-6BA7-4113-86E1-00F9A60C8796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5B5D50-C251-4569-9D2C-49FB64702646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A693BD6B-BCFF-461B-B71D-4E6F7A614979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E1D867F-7147-4C97-927B-C10404CC2985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD8346B-8A41-43DF-9AFE-06E3546B6AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C30EB50-6BCD-44E4-906A-618ACCF627DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C129A8-59C9-4780-8454-4EB112DF0B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C228DD-0EB3-4348-8D7A-D17A59E92013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2400422C-8E52-4946-BE83-AA7167F0F703",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B421C2D-290B-4439-BED6-4C0AEBAF484B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09685697-9D74-4ECA-ACB0-DF08A1442DF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D536C78-5619-4B01-A838-EB348B6D947E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3482E5-E818-40CE-A061-4469F3CAC702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2595550B-8820-471A-9D23-C40A848B73FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D7F150-6B47-44B8-82A9-5E03AC83B05D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5600607D-209E-4A7B-AC82-657638232D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C236E624-8DE0-46CD-A9F1-951D1CDD9F58",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "2076747F-A98E-4DD9-9B52-BF1732BCAD3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "F84B2729-7B52-4505-9656-1BD31B980705",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:raspberry_pi:*",
              "matchCriteriaId": "F2681D87-58A9-4A56-BE97-B00C5061CA32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "5A633996-2FD7-467C-BAA6-529E16BD06D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5F150BD9-4B94-42D3-9E14-58665B7FF220",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates."
    },
    {
      "lang": "es",
      "value": "FreeRADIUS 2.2.x en versiones anteriores a 2.2.8 y 3.0.x en versiones anteriores a 3.0.9 no comprueba adecuadamente la revocaci\u00f3n de certificados CA intermedios."
    }
  ],
  "id": "CVE-2015-4680",
  "lastModified": "2024-11-21T02:31:33.000",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-05T17:59:00.197",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00010.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/132415/FreeRADIUS-Insufficient-CRL-Application.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.ocert.org/advisories/ocert-2015-008.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/535810/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/75327"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032690"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1234975"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/132415/FreeRADIUS-Insufficient-CRL-Application.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.ocert.org/advisories/ocert-2015-008.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/535810/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/75327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032690"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1234975"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-295"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-11-03 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet.
Impacted products
Vendor Product Version
freeradius freeradius *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "931095C5-0533-4126-A574-9544C6F158BB",
              "versionEndIncluding": "1.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet."
    },
    {
      "lang": "es",
      "value": "FreeRADIUS anteriores a 1.0.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda del servidor) enviando un atributo Ascend-Send-Secret sin el paquete de encabezado requerido."
    }
  ],
  "id": "CVE-2004-0938",
  "lastModified": "2024-11-20T23:49:43.880",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-11-03T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/541574"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.osvdb.org/10178"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11222"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10837"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1347"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/541574"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.osvdb.org/10178"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10837"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1347"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-02-09 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AEDD86F-92B9-43EC-80E3-54010E249FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDB110B-4057-4BA4-993A-9DA14888A093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "52C8708B-4D1A-48A7-87DF-DF4B53E66D06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0369C1A6-A0FE-4BF8-89F5-5ED384565DAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1638CC08-8886-4863-8532-883A8616592F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E4FD4F2-0449-4562-ABF2-927206CB77DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "636F3F00-97A5-4497-A6A9-722AFC5BD689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EECDFCD7-0189-4C59-842D-C5F9064033A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D3EC2A3-5FB6-4D39-B1EA-C8E17AF1F0B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD634946-ED9B-47EB-8D0F-88EA6057D17C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "49152208-4DBD-4AF7-BCB3-3D56650899F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes."
    }
  ],
  "id": "CVE-2004-0961",
  "lastModified": "2024-11-20T23:49:46.810",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-02-09T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/541574"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11222"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/541574"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-05-24 17:29
Modified
2024-11-21 04:18
Summary
It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. NOTE: the upstream software maintainer has stated "there is simply no way for anyone to gain privileges through this alleged issue."
References
secalert@redhat.com | http://packetstormsecurity.com/files/155361/FreeRadius-3.0.19-Logrotate-Privilege-Escalation.html | Exploit, Third Party Advisory, VDB Entry
secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Nov/14 | Exploit, Mailing List, Third Party Advisory
secalert@redhat.com | https://access.redhat.com/errata/RHSA-2019:3353 | Third Party Advisory
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10143 | Issue Tracking, Third Party Advisory
secalert@redhat.com | https://freeradius.org/security/ | Third Party Advisory
secalert@redhat.com | https://github.com/FreeRADIUS/freeradius-server/pull/2666 | Third Party Advisory
secalert@redhat.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6VKBZAZKJP5QKXDXRKCM2ZPZND3TFAX/
secalert@redhat.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKODLHHUOVAYENTBP4D3N25ST3Q6LJBP/
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/155361/FreeRadius-3.0.19-Logrotate-Privilege-Escalation.html | Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Nov/14 | Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:3353 | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10143 | Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://freeradius.org/security/ | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRADIUS/freeradius-server/pull/2666 | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6VKBZAZKJP5QKXDXRKCM2ZPZND3TFAX/
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKODLHHUOVAYENTBP4D3N25ST3Q6LJBP/
Impacted products



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF3F9C8A-3E21-459D-81CF-3C2617FFCCAD",
              "versionEndIncluding": "3.0.19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
              "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
              "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [
    {
      "sourceIdentifier": "secalert@redhat.com",
      "tags": [
        "disputed"
      ]
    }
  ],
  "descriptions": [
    {
      "lang": "en",
      "value": "It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. NOTE: the upstream software maintainer has stated \"there is simply no way for anyone to gain privileges through this alleged issue.\""
    },
    {
      "lang": "es",
      "value": "** EN DISPUTA **Se encontr\u00f3 que freeradius hasta la versi\u00f3n 3.0.19 incluy\u00e9ndola, no configura correctamente el componente logrotate, lo que permite que un atacante local que ya tiene el control del usuario radiusd escale sus privilegios a root, enga\u00f1ando a logrotate para que escriba un archivo escribible en radiusd en un directorio normalmente inaccesible para el usuario radiusd. NOTA: el mantenedor de software upstream ha declarado que \"simplemente no hay forma de que alguien obtenga privilegios a trav\u00e9s de este supuesto problema\""
    }
  ],
  "id": "CVE-2019-10143",
  "lastModified": "2024-11-21T04:18:30.510",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.5,
        "impactScore": 5.9,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-24T17:29:02.490",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/155361/FreeRadius-3.0.19-Logrotate-Privilege-Escalation.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2019/Nov/14"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3353"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10143"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/FreeRADIUS/freeradius-server/pull/2666"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6VKBZAZKJP5QKXDXRKCM2ZPZND3TFAX/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKODLHHUOVAYENTBP4D3N25ST3Q6LJBP/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/155361/FreeRadius-3.0.19-Logrotate-Privilege-Escalation.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2019/Nov/14"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3353"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/FreeRADIUS/freeradius-server/pull/2666"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6VKBZAZKJP5QKXDXRKCM2ZPZND3TFAX/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKODLHHUOVAYENTBP4D3N25ST3Q6LJBP/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-250"
        },
        {
          "lang": "en",
          "value": "CWE-266"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-10-07 21:11
Modified
2024-11-21 00:51
Severity ?
Summary
freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct.
References
cve@mitre.org | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496389
cve@mitre.org | http://dev.gentoo.org/~rbu/security/debiantemp/freeradius-dialupadmin
cve@mitre.org | http://lists.debian.org/debian-devel/2008/08/msg00271.html
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html
cve@mitre.org | http://secunia.com/advisories/32170
cve@mitre.org | http://secunia.com/advisories/33151
cve@mitre.org | http://uvw.ru/report.lenny.txt
cve@mitre.org | http://www.openwall.com/lists/oss-security/2008/10/30/2
cve@mitre.org | http://www.securityfocus.com/bid/30901
cve@mitre.org | https://bugs.gentoo.org/show_bug.cgi?id=235770
af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496389
af854a3a-2127-422b-91ae-364da2661108 | http://dev.gentoo.org/~rbu/security/debiantemp/freeradius-dialupadmin
af854a3a-2127-422b-91ae-364da2661108 | http://lists.debian.org/debian-devel/2008/08/msg00271.html
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32170
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33151
af854a3a-2127-422b-91ae-364da2661108 | http://uvw.ru/report.lenny.txt
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/10/30/2
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/30901
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.gentoo.org/show_bug.cgi?id=235770
Impacted products
Vendor Product Version
freeradius freeradius 2.0.4



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A113B67-B9B6-421C-9EC9-E1FB462A4214",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct."
    },
    {
      "lang": "es",
      "value": "freeradius-dialupadmin en freeradius 2.0.4 permite a los usuario locales sobrescribir arbitrariamente archivos a trav\u00e9s de un ataque de enlace simb\u00f3lico en un archivo temporal en (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, y (5) truncate_radacct."
    }
  ],
  "id": "CVE-2008-4474",
  "lastModified": "2024-11-21T00:51:45.927",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-10-07T21:11:38.510",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496389"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://dev.gentoo.org/~rbu/security/debiantemp/freeradius-dialupadmin"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.debian.org/debian-devel/2008/08/msg00271.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/32170"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/33151"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://uvw.ru/report.lenny.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/30901"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://dev.gentoo.org/~rbu/security/debiantemp/freeradius-dialupadmin"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.debian.org/debian-devel/2008/08/msg00271.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32170"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33151"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://uvw.ru/report.lenny.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of freeradius as shipped with Red Hat Enterprise Linux 3, 4, or 5.",
      "lastModified": "2009-02-06T02:00:36.217",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-59"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-07-17 17:29
Modified
2024-11-21 03:06
Summary
An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()" and a denial of service.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "388D7673-6BA7-4113-86E1-00F9A60C8796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5B5D50-C251-4569-9D2C-49FB64702646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A693BD6B-BCFF-461B-B71D-4E6F7A614979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E1D867F-7147-4C97-927B-C10404CC2985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD8346B-8A41-43DF-9AFE-06E3546B6AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C30EB50-6BCD-44E4-906A-618ACCF627DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C129A8-59C9-4780-8454-4EB112DF0B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C228DD-0EB3-4348-8D7A-D17A59E92013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2400422C-8E52-4946-BE83-AA7167F0F703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1841E98-2B17-4DFC-B03F-4E4537D8A6A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "76048BE7-ABC9-4177-A6A6-03CD267708A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "00F2F28A-E975-469F-8720-ACAD38230A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0D08EA5-E832-40D7-9530-079C400B050E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAFBD765-22E7-446B-B0E9-FCE7DDB1B90E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "C50B666B-B423-4182-BD9A-8893B66848AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows \"DHCP - Infinite read in dhcp_attr2vp()\" and a denial of service."
    },
    {
      "lang": "es",
      "value": "Un problema FR-GV-303 en FreeRADIUS versi\u00f3n 3.x anterior a 3.0.15, permite una \"DHCP - Infinite read in dhcp_attr2vp()\" y una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2017-10986",
  "lastModified": "2024-11-21T03:06:53.763",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T17:29:00.430",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/99971"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:2389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/99971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2389"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-09-09 18:30
Modified
2024-11-21 01:06
Severity: MEDIUM (CVSS v2 base score 5.0, AV:N/AC:L/Au:N/C:N/I:N/A:P)
Summary
The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.
References
cve@mitre.org | http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4 | Patch
cve@mitre.org | http://intevydis.com/vd-list.shtml
cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
cve@mitre.org | http://secunia.com/advisories/36509
cve@mitre.org | http://support.apple.com/kb/HT3937
cve@mitre.org | http://www.openwall.com/lists/oss-security/2009/09/09/1 | Patch
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-1451.html
cve@mitre.org | http://www.securityfocus.com/bid/36263
cve@mitre.org | http://www.vupen.com/english/advisories/2009/3184
cve@mitre.org | https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919
af854a3a-2127-422b-91ae-364da2661108 | http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4 | Patch
af854a3a-2127-422b-91ae-364da2661108 | http://intevydis.com/vd-list.shtml
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/36509
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3937
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2009/09/09/1 | Patch
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1451.html
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/36263
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/3184
af854a3a-2127-422b-91ae-364da2661108 | https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6D6F259-6145-48C9-A81B-5A331F43A76D",
              "versionEndIncluding": "1.1.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AEDD86F-92B9-43EC-80E3-54010E249FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDB110B-4057-4BA4-993A-9DA14888A093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "52C8708B-4D1A-48A7-87DF-DF4B53E66D06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0369C1A6-A0FE-4BF8-89F5-5ED384565DAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1638CC08-8886-4863-8532-883A8616592F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E4FD4F2-0449-4562-ABF2-927206CB77DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "636F3F00-97A5-4497-A6A9-722AFC5BD689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EECDFCD7-0189-4C59-842D-C5F9064033A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D3EC2A3-5FB6-4D39-B1EA-C8E17AF1F0B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD634946-ED9B-47EB-8D0F-88EA6057D17C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "49152208-4DBD-4AF7-BCB3-3D56650899F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "90AF846A-F239-4963-B260-7CB48334B8B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95ADE53-BFBE-4B06-A1BF-EF576D567554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F03F8FE-80BA-41A3-85CE-FFB6A18E6DCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C48FE12-68CB-462D-B75E-204894325F5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1321F1E7-4B14-4B16-91D0-AE9E9951D12A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "313EFEC5-1580-4ACE-BB9C-84E3714F2C37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B93BEF0-09C1-4DF8-8761-582DE975F306",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F927232-6275-497E-BF09-B4DCF19642C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F07F89D7-504B-4892-9840-A3FED5274F5A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11.  NOTE: this is a regression error related to CVE-2003-0967."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n rad_decode en FreeRADIUS anterior a v1.1.8 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de radiusd) a trav\u00e9s de atributos Tunnel-Password de longitud cero. NOTA: esto es un error de regresi\u00f3n relacionado con CVE-2003-0967."
    }
  ],
  "id": "CVE-2009-3111",
  "lastModified": "2024-11-21T01:06:34.547",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-09-09T18:30:00.860",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://intevydis.com/vd-list.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36509"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3937"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/36263"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/3184"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://intevydis.com/vd-list.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36509"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/36263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/3184"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-04-13 18:19
Modified
2024-11-21 00:29
Severity: MEDIUM (CVSS v2 base score 5.0, AV:N/AC:L/Au:N/C:N/I:N/A:P)
Summary
Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures.
References
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2007-0338.html
secalert@redhat.com | http://secunia.com/advisories/24849
secalert@redhat.com | http://secunia.com/advisories/24907
secalert@redhat.com | http://secunia.com/advisories/24917
secalert@redhat.com | http://secunia.com/advisories/24996
secalert@redhat.com | http://secunia.com/advisories/25201
secalert@redhat.com | http://secunia.com/advisories/25220
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200704-14.xml
secalert@redhat.com | http://www.freeradius.org/security.html
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:085
secalert@redhat.com | http://www.novell.com/linux/security/advisories/2007_10_sr.html
secalert@redhat.com | http://www.securityfocus.com/bid/23466
secalert@redhat.com | http://www.securitytracker.com/id?1018042
secalert@redhat.com | http://www.trustix.org/errata/2007/0013/
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/1369
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11156
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2007-0338.html
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24849
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24907
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24917
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24996
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25201
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25220
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200704-14.xml
af854a3a-2127-422b-91ae-364da2661108 | http://www.freeradius.org/security.html
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:085
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_10_sr.html
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/23466
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1018042
af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2007/0013/
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/1369
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11156
Impacted products
Vendor Product Version
freeradius freeradius * (versions up to and including 1.1.5)



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9C422CB-4D04-43F5-A10C-CD5B216E6D28",
              "versionEndIncluding": "1.1.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures."
    },
    {
      "lang": "es",
      "value": "Filtraci\u00f3n de memoria en freeRADIUS 1.1.5 y anteriores permite a atacantes remotos provocar denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de un gran n\u00famero de conexiones de t\u00fanel EAP-TTLS utilizando atributos en formato Diameter mal formados, lo cual hace que la petici\u00f3n de autenticaci\u00f3n sea rechazada pero no se recuperen las estructuras de datos VALUE_PAIR."
    }
  ],
  "id": "CVE-2007-2028",
  "lastModified": "2024-11-21T00:29:43.910",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-04-13T18:19:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0338.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24849"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24907"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24917"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24996"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25201"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25220"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200704-14.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:085"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/23466"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1018042"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2007/0013/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/1369"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11156"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0338.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24849"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24996"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25201"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200704-14.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23466"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2007/0013/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1369"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11156"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-04-22 11:29
Modified
2024-11-21 04:20
Severity ?
Summary
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.
References
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html | Third Party Advisory
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:1131 | Third Party Advisory
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:1142
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1695748 | Issue Tracking, Patch, Third Party Advisory
cve@mitre.org | https://freeradius.org/release_notes/?br=3.0.x&re=3.0.19 | Release Notes, Vendor Advisory
cve@mitre.org | https://freeradius.org/security/ | Vendor Advisory
cve@mitre.org | https://papers.mathyvanhoef.com/dragonblood.pdf | Technical Description, Third Party Advisory
cve@mitre.org | https://usn.ubuntu.com/3954-1/ | Third Party Advisory
cve@mitre.org | https://www.kb.cert.org/vuls/id/871675/ | Not Applicable, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:1131 | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:1142
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1695748 | Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://freeradius.org/release_notes/?br=3.0.x&re=3.0.19 | Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://freeradius.org/security/ | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://papers.mathyvanhoef.com/dragonblood.pdf | Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3954-1/ | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/871675/ | Not Applicable, Third Party Advisory, US Government Resource



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90C5B6A9-0E46-438C-9EBB-63529AAD1B1D",
              "versionEndExcluding": "3.0.19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3FEADDA-2AEE-4F65-9401-971B585664A8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "FreeRADIUS before 3.0.19 mishandles the \"each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used\" protection mechanism, aka a \"Dragonblood\" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499."
    },
    {
      "lang": "es",
      "value": "FreeRADIUS versi\u00f3n anterior a 3.0.19 no maneja correctamente el mecanismo de protecci\u00f3n \"cada participante verifica que el escalar recibido est\u00e1 dentro de un rango, y que el elemento de grupo recibido es un punto v\u00e1lido en la curva que se est\u00e1 utilizando\", alias \"Dragonblood\", este problema es similar a CVE-2019-9498 y CVE-2019-9499."
    }
  ],
  "id": "CVE-2019-11235",
  "lastModified": "2024-11-21T04:20:47.093",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-04-22T11:29:03.517",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:1131"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2019:1142"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695748"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://papers.mathyvanhoef.com/dragonblood.pdf"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3954-1/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Not Applicable",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/871675/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:1131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:1142"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695748"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://papers.mathyvanhoef.com/dragonblood.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3954-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/871675/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-345"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-02-09 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AEDD86F-92B9-43EC-80E3-54010E249FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDB110B-4057-4BA4-993A-9DA14888A093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "52C8708B-4D1A-48A7-87DF-DF4B53E66D06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0369C1A6-A0FE-4BF8-89F5-5ED384565DAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1638CC08-8886-4863-8532-883A8616592F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E4FD4F2-0449-4562-ABF2-927206CB77DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "636F3F00-97A5-4497-A6A9-722AFC5BD689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EECDFCD7-0189-4C59-842D-C5F9064033A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D3EC2A3-5FB6-4D39-B1EA-C8E17AF1F0B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD634946-ED9B-47EB-8D0F-88EA6057D17C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "49152208-4DBD-4AF7-BCB3-3D56650899F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument."
    }
  ],
  "id": "CVE-2004-0960",
  "lastModified": "2024-11-20T23:49:46.657",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-02-09T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/541574"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11222"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/541574"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-01-17 18:15
Modified
2024-11-21 07:23
Summary
In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.
Impacted products
Vendor Product Version
freeradius freeradius *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A19F4F3-C514-4FDC-B3A3-0E688BD43247",
              "versionEndIncluding": "3.0.25",
              "versionStartIncluding": "0.9.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash."
    },
    {
      "lang": "es",
      "value": "En freeradius, cuando un solicitante de EAP-SIM env\u00eda una opci\u00f3n SIM desconocida, el servidor intentar\u00e1 buscar esa opci\u00f3n en los diccionarios internos. Esta b\u00fasqueda fallar\u00e1, pero el c\u00f3digo SIM no verificar\u00e1 ese error. En su lugar, eliminar\u00e1 la referencia a un puntero NULL y provocar\u00e1 que el servidor falle."
    }
  ],
  "id": "CVE-2022-41860",
  "lastModified": "2024-11-21T07:23:57.257",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-01-17T18:15:11.387",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/FreeRADIUS/freeradius-server/commit/f1cdbb33ec61c4a64a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/FreeRADIUS/freeradius-server/commit/f1cdbb33ec61c4a64a"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-04-22 11:29
Modified
2024-11-21 04:20
Severity ?
Summary
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.
References
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:1131
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:1142
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1695783 | Issue Tracking, Third Party Advisory
cve@mitre.org | https://freeradius.org/release_notes/?br=3.0.x&re=3.0.19 | Release Notes, Vendor Advisory
cve@mitre.org | https://freeradius.org/security/ | Vendor Advisory
cve@mitre.org | https://papers.mathyvanhoef.com/dragonblood.pdf | Technical Description, Third Party Advisory
cve@mitre.org | https://usn.ubuntu.com/3954-1/ | Third Party Advisory
cve@mitre.org | https://www.kb.cert.org/vuls/id/871675/ | Not Applicable, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:1131
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:1142
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1695783 | Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://freeradius.org/release_notes/?br=3.0.x&re=3.0.19 | Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://freeradius.org/security/ | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://papers.mathyvanhoef.com/dragonblood.pdf | Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3954-1/ | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/871675/ | Not Applicable, Third Party Advisory, US Government Resource



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90C5B6A9-0E46-438C-9EBB-63529AAD1B1D",
              "versionEndExcluding": "3.0.19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20294CE7-12C8-43CA-A702-5ED2A3044FFC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a \"Dragonblood\" issue, a similar issue to CVE-2019-9497."
    },
    {
      "lang": "es",
      "value": "FreeRADIUS antes de 3.0.19 no impide el uso de la reflexi\u00f3n para la autenticaci\u00f3n de spoofing, tambi\u00e9n conocido como \"Dragonblood\", un problema similar al CVE-2019-9497."
    }
  ],
  "id": "CVE-2019-11234",
  "lastModified": "2024-11-21T04:20:46.950",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-04-22T11:29:03.330",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2019:1131"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2019:1142"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695783"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://papers.mathyvanhoef.com/dragonblood.pdf"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3954-1/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Not Applicable",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/871675/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:1131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:1142"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695783"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://papers.mathyvanhoef.com/dragonblood.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3954-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/871675/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-07-17 17:29
Modified
2024-11-21 03:06
Summary
An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "388D7673-6BA7-4113-86E1-00F9A60C8796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5B5D50-C251-4569-9D2C-49FB64702646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A693BD6B-BCFF-461B-B71D-4E6F7A614979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E1D867F-7147-4C97-927B-C10404CC2985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD8346B-8A41-43DF-9AFE-06E3546B6AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C30EB50-6BCD-44E4-906A-618ACCF627DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C129A8-59C9-4780-8454-4EB112DF0B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C228DD-0EB3-4348-8D7A-D17A59E92013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2400422C-8E52-4946-BE83-AA7167F0F703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1841E98-2B17-4DFC-B03F-4E4537D8A6A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "76048BE7-ABC9-4177-A6A6-03CD267708A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "00F2F28A-E975-469F-8720-ACAD38230A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0D08EA5-E832-40D7-9530-079C400B050E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAFBD765-22E7-446B-B0E9-FCE7DDB1B90E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "C50B666B-B423-4182-BD9A-8893B66848AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows \"DHCP - Buffer over-read in fr_dhcp_decode_suboptions()\" and a denial of service."
    },
    {
      "lang": "es",
      "value": "Un problema FR-GV-304 en FreeRADIUS versi\u00f3n 3.x anterior a 3.0.15, permite una \"DHCP - Buffer over-read in fr_dhcp_decode_suboptions()\" y una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2017-10987",
  "lastModified": "2024-11-21T03:06:53.940",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T17:29:00.460",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/99970"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:2389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/99970"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2389"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-05-19 04:00
Modified
2024-11-20 23:57
Severity ?
Summary
Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash).
References
secalert@redhat.com http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html
secalert@redhat.com http://www.freeradius.org/security.html
secalert@redhat.com http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml Patch
secalert@redhat.com http://www.novell.com/linux/security/advisories/2005_14_sr.html
secalert@redhat.com http://www.redhat.com/support/errata/RHSA-2005-524.html
secalert@redhat.com http://www.securityfocus.com/bid/13541 Patch
secalert@redhat.com http://www.securitytracker.com/alerts/2005/May/1013909.html
secalert@redhat.com https://exchange.xforce.ibmcloud.com/vulnerabilities/20450
secalert@redhat.com https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9579
af854a3a-2127-422b-91ae-364da2661108 http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html
af854a3a-2127-422b-91ae-364da2661108 http://www.freeradius.org/security.html
af854a3a-2127-422b-91ae-364da2661108 http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml Patch
af854a3a-2127-422b-91ae-364da2661108 http://www.novell.com/linux/security/advisories/2005_14_sr.html
af854a3a-2127-422b-91ae-364da2661108 http://www.redhat.com/support/errata/RHSA-2005-524.html
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/13541 Patch
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/alerts/2005/May/1013909.html
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/20450
af854a3a-2127-422b-91ae-364da2661108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9579
Impacted products
Vendor Product Version
freeradius freeradius 1.0.2



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95ADE53-BFBE-4B06-A1BF-EF576D567554",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash)."
    }
  ],
  "id": "CVE-2005-1455",
  "lastModified": "2024-11-20T23:57:23.267",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-05-19T04:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_14_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-524.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/13541"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/alerts/2005/May/1013909.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20450"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9579"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_14_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-524.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/13541"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/alerts/2005/May/1013909.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9579"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-12-03 20:15
Modified
2024-11-21 04:24
Summary
In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the "Dragonblood" attack and CVE-2019-9494.
Impacted products



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B292FDAF-75A6-4B45-B7DA-BD2F624CF165",
              "versionEndIncluding": "3.0.19",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the \"Dragonblood\" attack and CVE-2019-9494."
    },
    {
      "lang": "es",
      "value": "En FreeRADIUS versiones 3.0 hasta 3.0.19, en promedio 1 de cada 2048 protocolos de enlace EAP-pwd presenta un fallo porque el elemento de contrase\u00f1a no puede ser encontrado dentro de las 10 iteraciones del bucle de tipo \"hunting and pecking\". Esto filtra informaci\u00f3n que un atacante puede utilizar para recuperar la contrase\u00f1a de cualquier usuario. Este filtrado de informaci\u00f3n es similar al ataque \"Dragonblood\" y al CVE-2019-9494."
    }
  ],
  "id": "CVE-2019-13456",
  "lastModified": "2024-11-21T04:24:56.510",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.9,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 5.5,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-12-03T20:15:11.013",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737663"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/FreeRADIUS/freeradius-server/commit/3ea2a5a026e73d81cd9a3e9bbd4300c433004bfa"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://wpa3.mathyvanhoef.com"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737663"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/FreeRADIUS/freeradius-server/commit/3ea2a5a026e73d81cd9a3e9bbd4300c433004bfa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://wpa3.mathyvanhoef.com"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-01-17 18:15
Modified
2024-11-21 07:23
Summary
A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.
Impacted products
Vendor Product Version
freeradius freeradius * (up to and including 3.0.25)



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "904C69B2-4BA4-47FB-8B0D-0780AE90ADA4",
              "versionEndIncluding": "3.0.25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 un defecto en freeradius. Un cliente RADIUS o un servidor dom\u00e9stico malicioso puede enviar un atributo binario con formato incorrecto que puede provocar que el servidor falle."
    }
  ],
  "id": "CVE-2022-41861",
  "lastModified": "2024-11-21T07:23:57.380",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-01-17T18:15:11.480",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/FreeRADIUS/freeradius-server/commit/0ec2b39d260e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/FreeRADIUS/freeradius-server/commit/0ec2b39d260e"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2010-10-07 21:00
Modified
2024-11-21 01:19
Severity ?
Summary
The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in certain non-default builds, does not properly handle the DHCP Relay Agent Information option, which allows remote attackers to cause a denial of service (infinite loop and daemon outage) via a packet that has more than one sub-option. NOTE: some of these details are obtained from third party information.
Impacted products
Vendor Product Version
freeradius freeradius 2.1.9



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE0CFEA6-1AC0-41AA-BEF0-16FE1A933758",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in certain non-default builds, does not properly handle the DHCP Relay Agent Information option, which allows remote attackers to cause a denial of service (infinite loop and daemon outage) via a packet that has more than one sub-option.  NOTE: some of these details are obtained from third party information."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n fr_dhcp_decode en lib/dhcp.c en FreeRADIUS v2.1.9, en determinadas compilaciones (no por defecto), no maneja adecuadamente la opci\u00f3n DHCP Relay Agent Information, lo cual permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito y corte del servicio) a trav\u00e9s de un paquete que tiene m\u00e1s de una sub-opci\u00f3n. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."
    }
  ],
  "id": "CVE-2010-3696",
  "lastModified": "2024-11-21T01:19:24.987",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-10-07T21:00:03.437",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://freeradius.org/press/index.html#2.1.10"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://github.com/alandekok/freeradius-server/commit/4dc7800b866f889a1247685bbaa6dd4238a56279"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41621"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/8"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=77"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639390"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://freeradius.org/press/index.html#2.1.10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://github.com/alandekok/freeradius-server/commit/4dc7800b866f889a1247685bbaa6dd4238a56279"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=77"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639390"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-12-15 05:00
Modified
2024-11-20 23:45
Severity ?
Summary
rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute.
Impacted products
Vendor Product Version
freeradius freeradius * (up to and including 0.9.2)



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F80EF7F-BDC2-4D5E-B878-3F0BA3959485",
              "versionEndIncluding": "0.9.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute."
    },
    {
      "lang": "es",
      "value": "rad_decode en FreeRADIUS 0.9.2 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante una cadena de atributo RADIUS corta con una etiqueta, lo que hace se llame a memcpy con un argumento de longitud -1, como se ha demostrado usando el atributo \"Tunnel-Password\"."
    }
  ],
  "id": "CVE-2003-0967",
  "lastModified": "2024-11-20T23:45:58.587",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-12-15T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=106935911101493\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=106944220426970"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=freeradius-users\u0026m=106947389449613\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-386.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=106935911101493\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=106944220426970"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=freeradius-users\u0026m=106947389449613\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-386.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10917"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-12-15 05:00
Modified
2024-11-20 23:45
Severity ?
Summary
Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute.
Impacted products
Vendor Product Version
freeradius freeradius *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A8F21A-1305-4313-8BBF-1792ED4CB703",
              "versionEndIncluding": "0.9.3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en la pila en SMB_Logon_Server del m\u00f3dulo experimental rlm_smb de FreeRADIUS 0.9.3 y anteriores permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un atributo User-Password largo."
    }
  ],
  "id": "CVE-2003-0968",
  "lastModified": "2024-11-20T23:45:58.780",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-12-15T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=106986437621130\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=106986437621130\u0026w=2"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2002-06-25 04:00
Modified
2024-11-20 23:38
Severity ?
Summary
FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets.
Impacted products
Vendor Product Version
freeradius freeradius *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C6E852-B6B5-4598-84B0-8D55932928F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets."
    }
  ],
  "id": "CVE-2002-0318",
  "lastModified": "2024-11-20T23:38:48.383",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-06-25T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=101440113410083\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.iss.net/security_center/static/9968.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=101440113410083\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.iss.net/security_center/static/9968.php"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2012-09-18 17:55
Modified
2024-11-21 01:41
Severity ?
Summary
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not after" timestamp in a client certificate.
References
secalert@redhat.com http://archives.neohapsis.com/archives/bugtraq/2012-09/0043.html
secalert@redhat.com http://freeradius.org/security.html Vendor Advisory
secalert@redhat.com http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
secalert@redhat.com http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090171.html
secalert@redhat.com http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00023.html
secalert@redhat.com http://osvdb.org/85325
secalert@redhat.com http://rhn.redhat.com/errata/RHSA-2012-1326.html
secalert@redhat.com http://rhn.redhat.com/errata/RHSA-2012-1327.html
secalert@redhat.com http://secunia.com/advisories/50484 Vendor Advisory
secalert@redhat.com http://secunia.com/advisories/50584 Vendor Advisory
secalert@redhat.com http://secunia.com/advisories/50637
secalert@redhat.com http://secunia.com/advisories/50770
secalert@redhat.com http://www.debian.org/security/2012/dsa-2546
secalert@redhat.com http://www.mandriva.com/security/advisories?name=MDVSA-2012:159
secalert@redhat.com http://www.openwall.com/lists/oss-security/2012/09/10/2
secalert@redhat.com http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt
secalert@redhat.com http://www.securityfocus.com/bid/55483
secalert@redhat.com http://www.securitytracker.com/id?1027509
secalert@redhat.com http://www.ubuntu.com/usn/USN-1585-1
secalert@redhat.com https://exchange.xforce.ibmcloud.com/vulnerabilities/78408
af854a3a-2127-422b-91ae-364da2661108 http://archives.neohapsis.com/archives/bugtraq/2012-09/0043.html
af854a3a-2127-422b-91ae-364da2661108 http://freeradius.org/security.html Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090171.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00023.html
af854a3a-2127-422b-91ae-364da2661108 http://osvdb.org/85325
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2012-1326.html
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2012-1327.html
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/50484 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/50584 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/50637
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/50770
af854a3a-2127-422b-91ae-364da2661108 http://www.debian.org/security/2012/dsa-2546
af854a3a-2127-422b-91ae-364da2661108 http://www.mandriva.com/security/advisories?name=MDVSA-2012:159
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2012/09/10/2
af854a3a-2127-422b-91ae-364da2661108 http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/55483
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id?1027509
af854a3a-2127-422b-91ae-364da2661108 http://www.ubuntu.com/usn/USN-1585-1
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/78408
Impacted products
Vendor Product Version
freeradius freeradius 2.1.10
freeradius freeradius 2.1.11
freeradius freeradius 2.1.12



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C593C44B-CB2B-4C38-A44D-BA1BC9BF3CDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "908DA549-0EE5-4B85-961F-1C67210F6AED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "91FBBBC1-7106-4DA1-BBCF-9D776BB082ED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long \"not after\" timestamp in a client certificate."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n cbtls_verify en FreeRADIUS v2.1.10 hasta la v2.1.12, cuando se usan los m\u00e9todos TLS-based EAP, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del servidor) y posiblemente ejecutar c\u00f3digo a trav\u00e9s de un sellado de tiempo \"not after\" largo, en un certificado de un cliente."
    }
  ],
  "id": "CVE-2012-3547",
  "lastModified": "2024-11-21T01:41:06.377",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-09-18T17:55:07.850",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0043.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090171.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00023.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://osvdb.org/85325"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1326.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1327.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/50484"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/50584"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/50637"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/50770"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2012/dsa-2546"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:159"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/09/10/2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/55483"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1027509"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-1585-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78408"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0043.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090171.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/85325"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1326.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1327.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/50484"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/50584"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/50637"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/50770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2012/dsa-2546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/09/10/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/55483"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1027509"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1585-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78408"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2002-03-04 05:00
Modified
2024-11-20 23:37
Severity ?
Summary
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.
References
cve@mitre.org ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc
cve@mitre.org http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
cve@mitre.org http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
cve@mitre.org http://marc.info/?l=bugtraq&m=101537153021792&w=2
cve@mitre.org http://www.cert.org/advisories/CA-2002-06.html Patch, Third Party Advisory, US Government Resource
cve@mitre.org http://www.iss.net/security_center/static/8354.php Patch, Vendor Advisory
cve@mitre.org http://www.kb.cert.org/vuls/id/936683 Patch, Third Party Advisory, US Government Resource
cve@mitre.org http://www.redhat.com/support/errata/RHSA-2002-030.html
cve@mitre.org http://www.securityfocus.com/bid/4230 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc
af854a3a-2127-422b-91ae-364da2661108 http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
af854a3a-2127-422b-91ae-364da2661108 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
af854a3a-2127-422b-91ae-364da2661108 http://marc.info/?l=bugtraq&m=101537153021792&w=2
af854a3a-2127-422b-91ae-364da2661108 http://www.cert.org/advisories/CA-2002-06.html Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108 http://www.iss.net/security_center/static/8354.php Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.kb.cert.org/vuls/id/936683 Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108 http://www.redhat.com/support/errata/RHSA-2002-030.html
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/4230 Patch, Vendor Advisory



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AEDD86F-92B9-43EC-80E3-54010E249FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDB110B-4057-4BA4-993A-9DA14888A093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.92.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B0DFDC-913E-4358-9BF1-6AA1F871CB4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "F332DA97-B327-45E0-8948-18C2C7278757",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.94:*:*:*:*:*:*:*",
              "matchCriteriaId": "67632403-328E-4149-B0EC-2B563DDD7FD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6945F8-EB40-4205-9585-3BF9A132406E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A28A174-45A4-4886-8C87-2D475F9ABF18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "A949E3FF-5360-4FC1-95E5-AB5080156D77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "D000F534-1BF0-40A8-BD2B-9EBAF71D6FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "15253C62-0FCC-4699-9CC5-486F23CDD1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.17b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01B8A1D-A4EC-4B92-A9EC-BECB35185ECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "10DD81E4-732C-4F23-80A7-987FCC0511D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "28A5F502-7DA3-44E2-AEFB-6D1FD7121F7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:livingston:radius:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C2894BE-AE8B-491C-A776-5D2821D4DFB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:livingston:radius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "92CD1A39-33F6-47C3-8899-286C07C9C219",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:livingston:radius:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3133364-7726-4BFA-A552-03533F762161",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lucent:radius:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96927B69-BA71-460B-8A59-CF3FC93C9661",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lucent:radius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "056AD200-84E8-4B99-863F-C1D61A6B4C7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lucent:radius:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCE2BA9-35E0-410A-B9CC-C77C9D95338E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4999A95F-9124-4585-B78C-34B8CDA87250",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "28DC815B-6648-4C3A-A66C-264EE6903CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "627CD710-183C-433B-9CC6-804C8A726FE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA442BB3-4DAE-402C-8F3C-DFCA4C3EE63A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE605C8B-316E-4C04-B5D1-97A0E2719DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6_.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13CF26C7-90DB-46FB-AE08-936FF7C324F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "15B965F5-E32D-4824-9A4B-0A2507CD167E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C211927E-DE7F-450F-918B-DC3EAF6C5743",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A74F1BA-3E1A-4073-A290-C086B6388F75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDDB28FF-D0B4-45A4-A2E7-C56B4D660204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5263133F-0C92-4C16-B933-71AEAE9C33BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:radiusclient:radiusclient:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACE414B4-5E23-4DE9-AD86-8FE51CCE723B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xtradius:xtradius:1.1_pre1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6713B65-D941-4DCE-AA63-FE0B408E575B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xtradius:xtradius:1.1_pre2:*:*:*:*:*:*:*",
              "matchCriteriaId": "43B671B4-7B26-4F43-A477-1EE7F1E74245",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7326E7C2-F310-4820-A36D-C7045E6ED721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C37D50E1-E8E1-4D07-93D2-D8DEE13872D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "792AB6F5-0916-482B-A868-BC41B7A6EFE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0_pre13:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4A295E4-7D6D-4906-84D4-BB80AF58422E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0_pre14:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A1FEC14-198C-46D1-8F96-9D91B9733A55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0_pre15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB2830F3-FB3A-4833-9027-B4933BA813ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius_project:yard_radius:1.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "95CC863F-9448-4692-AB9C-BA218D2313CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2."
    }
  ],
  "id": "CVE-2001-1377",
  "lastModified": "2024-11-20T23:37:32.877",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-03-04T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-06.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/8354.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/936683"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/4230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-06.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/8354.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/936683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/4230"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:05
Severity ?
Summary
Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors "while expanding %t".
Impacted products
Vendor Product Version
freeradius freeradius 1.0.3
freeradius freeradius 1.0.4



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F03F8FE-80BA-41A3-85CE-FFB6A18E6DCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C48FE12-68CB-462D-B75E-204894325F5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors \"while expanding %t\"."
    }
  ],
  "id": "CVE-2005-4746",
  "lastModified": "2024-11-21T00:05:04.927",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1145"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:066"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:092"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/19324"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/19325"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/17293"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1145"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:092"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/19324"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/19325"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/17293"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Not vulnerable.  This issue did not affect the FreeRADIUS packages as distributed with Red Hat Enterprise Linux 2.1, 3, or 4.",
      "lastModified": "2006-08-30T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-11-02 00:55
Modified
2024-11-21 02:05
Severity ?
Summary
Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password hash, as demonstrated by an SSHA hash.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5C0C0C3-970F-4936-BEBB-19FACF4E958B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4A43D5-03CA-4AAA-98A8-4EC86EC3EACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDB64CF-D48E-4E3E-A1E8-B6AE330A6C99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "25BF923C-F7CD-4232-8613-B1F09C7B9A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A113B67-B9B6-421C-9EC9-E1FB462A4214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6518E4DA-9531-4135-8462-A9E3BDD7AE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B92B1F7-8139-4D5A-9461-0C7314BCCBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5CAEB64-0676-4C18-8255-DACDA612188E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F7A434-49DC-4005-9161-F2B49559621F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A54D59A-B832-4EE3-A8D6-A85EC17C268A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D494932F-F639-44BE-B15C-7F07A67B0502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D45784-C53B-4A11-B1B3-BC68B514002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E969979B-2852-453D-AF48-A462448D4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E56E3E2-9142-47F5-B53E-61ACE4FA9A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE0CFEA6-1AC0-41AA-BEF0-16FE1A933758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C593C44B-CB2B-4C38-A44D-BA1BC9BF3CDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "908DA549-0EE5-4B85-961F-1C67210F6AED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "91FBBBC1-7106-4DA1-BBCF-9D776BB082ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B421C2D-290B-4439-BED6-4C0AEBAF484B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09685697-9D74-4ECA-ACB0-DF08A1442DF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D536C78-5619-4B01-A838-EB348B6D947E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3482E5-E818-40CE-A061-4469F3CAC702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "388D7673-6BA7-4113-86E1-00F9A60C8796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5B5D50-C251-4569-9D2C-49FB64702646",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password hash, as demonstrated by an SSHA hash."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer basado en pila en la funci\u00f3n normify en el m\u00f3dulo rlm_pap (modules/rlm_pap/rlm_pap.c) en FreeRADIUS 2.x, posiblemente 2.2.3 y anteriores, y 3.x, posiblemente 3.0.1 y anteriores, podr\u00eda permitir a atacantes causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un hash de contrase\u00f1a largo, tal y como fue demostrado por un hash SSHA."
    }
  ],
  "id": "CVE-2014-2015",
  "lastModified": "2024-11-21T02:05:27.620",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-11-02T00:55:03.313",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000612.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000616.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1287.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://ubuntu.com/usn/usn-2122-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/02/18/3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/65581"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000612.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000616.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1287.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ubuntu.com/usn/usn-2122-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/02/18/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/65581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066761"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-01-05 11:28
Modified
2024-11-21 00:24
Severity ?
Summary
Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that exploitation is limited "only to local administrators who have write access to the server configuration files." CVE concurs with the dispute
Impacted products
Vendor Product Version
freeradius freeradius *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95921E03-2F8B-4E9B-8305-15ECE1A2D20B",
              "versionEndIncluding": "1.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [
    {
      "sourceIdentifier": "cve@mitre.org",
      "tags": [
        "disputed"
      ]
    }
  ],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance.  NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that exploitation is limited \"only to local administrators who have write access to the server configuration files.\"  CVE concurs with the dispute"
    },
    {
      "lang": "es",
      "value": "** DISPUTADA** Desbordamiento de b\u00fafer en la funci\u00f3n SMB_Connect_Server en FreeRadius 1.1.3 y anteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario relacionado con el campo de servidor desthost de una instancia SMB_Handle_Type. NOTA: el impacto de este asunto ha sido disputado por una tercera parte fiable, que dice que la explotaci\u00f3n se limita \u0027exclusivamente a administradores locales que tienen acceso de escritura a los ficheros de configuraci\u00f3n de servidores\u0027. CVE est\u00e1 de acuerdo con la disputa."
    }
  ],
  "evaluatorComment": "A buffer overflow in the SMB_Connect_Server function in FreeRADIUS 1.1.4 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance.  This issue cannot be exploited remotely, and can only be exploited by administrators who have write access to the server configuration files.",
  "evaluatorImpact": "-- Official Vendor Statement from the FreeRADIUS Server project\r\n\r\nThis issue is not a security vulnerability.  The exploit is available only to local administrators who have write access to the server configuration files.  As such, this issue has no security impact on any system running FreeRADIUS.\r\n\r\n-- Official Vendor Statement from the FreeRADIUS Server project\r\n",
  "id": "CVE-2007-0080",
  "lastModified": "2024-11-21T00:24:55.477",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 2.7,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-01-05T11:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/32082"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017463"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-February/001304.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/455678/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/455812/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31248"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/32082"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-February/001304.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/455678/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/455812/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31248"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable.  The affected code is in an optional module that is not shipped in Red Hat Enterprise Linux 2.1, 3, or 4.",
      "lastModified": "2007-01-05T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-07-17 17:29
Modified
2024-11-21 03:06
Summary
An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01D07DE7-862C-46DB-94AD-50A74DED1581",
              "versionEndExcluding": "2.2.10",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAEC9608-EA95-46FD-B370-A2A54821B7B8",
              "versionEndExcluding": "3.0.15",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "21690BAC-2129-4A33-9B48-1F3BF30072A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows \"Read / write overflow in make_secret()\" and a denial of service."
    },
    {
      "lang": "es",
      "value": "Un problema FR-GV-201 en FreeRADIUS versi\u00f3n 2.x anterior a 2.2.10 y versi\u00f3n 3.x anterior a 3.0.15, permite un \"Read / write overflow in make_secret()\" y una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2017-10978",
  "lastModified": "2024-11-21T03:06:52.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T17:29:00.180",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99893"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038914"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:1759"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99893"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:1759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:2389"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-07-17 17:29
Modified
2024-11-21 03:06
Summary
An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1F041B7-4DDB-406E-8A89-D2DDABD4AF96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5DA3BD5F-8CB9-4907-92C5-7A4E884CE1D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "3D7056CF-FF7C-4175-907A-A47984A82CB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4A43D5-03CA-4AAA-98A8-4EC86EC3EACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDB64CF-D48E-4E3E-A1E8-B6AE330A6C99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "25BF923C-F7CD-4232-8613-B1F09C7B9A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A113B67-B9B6-421C-9EC9-E1FB462A4214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6518E4DA-9531-4135-8462-A9E3BDD7AE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B92B1F7-8139-4D5A-9461-0C7314BCCBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5CAEB64-0676-4C18-8255-DACDA612188E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F7A434-49DC-4005-9161-F2B49559621F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A54D59A-B832-4EE3-A8D6-A85EC17C268A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D494932F-F639-44BE-B15C-7F07A67B0502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D45784-C53B-4A11-B1B3-BC68B514002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E969979B-2852-453D-AF48-A462448D4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E56E3E2-9142-47F5-B53E-61ACE4FA9A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE0CFEA6-1AC0-41AA-BEF0-16FE1A933758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C593C44B-CB2B-4C38-A44D-BA1BC9BF3CDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "908DA549-0EE5-4B85-961F-1C67210F6AED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "91FBBBC1-7106-4DA1-BBCF-9D776BB082ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B421C2D-290B-4439-BED6-4C0AEBAF484B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09685697-9D74-4ECA-ACB0-DF08A1442DF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D536C78-5619-4B01-A838-EB348B6D947E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3482E5-E818-40CE-A061-4469F3CAC702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2595550B-8820-471A-9D23-C40A848B73FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D7F150-6B47-44B8-82A9-5E03AC83B05D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5600607D-209E-4A7B-AC82-657638232D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C236E624-8DE0-46CD-A9F1-951D1CDD9F58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "11403C9E-7217-43AF-9BF4-371FA2623C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A2EC8C-840A-4DB2-8038-7E0E2D704EA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows \"DHCP - Buffer over-read in fr_dhcp_decode_options()\" and a denial of service."
    },
    {
      "lang": "es",
      "value": "Un problema FR-GV-205 en FreeRADIUS versi\u00f3n 2.x anterior a 2.2.10, permite una \"DHCP - Buffer over-read in fr_dhcp_decode_options()\" y una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2017-10982",
  "lastModified": "2024-11-21T03:06:53.087",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T17:29:00.307",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/99912"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038914"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/99912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1759"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-03-22 02:02
Modified
2024-11-21 00:08
Severity ?
Summary
Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module.
References
cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
cve@mitre.org | http://lists.suse.de/archive/suse-security-announce/2006-Mar/0009.html
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2006-0271.html
cve@mitre.org | http://secunia.com/advisories/19300 | Patch, Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/19405
cve@mitre.org | http://secunia.com/advisories/19518
cve@mitre.org | http://secunia.com/advisories/19527
cve@mitre.org | http://secunia.com/advisories/19811
cve@mitre.org | http://secunia.com/advisories/20461
cve@mitre.org | http://securitytracker.com/id?1015795
cve@mitre.org | http://www.debian.org/security/2006/dsa-1089
cve@mitre.org | http://www.freeradius.org/security.html
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200604-03.xml
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:060
cve@mitre.org | http://www.securityfocus.com/bid/17171
cve@mitre.org | http://www.trustix.org/errata/2006/0020
cve@mitre.org | http://www.vupen.com/english/advisories/2006/1016
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/25352
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10156
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.de/archive/suse-security-announce/2006-Mar/0009.html
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2006-0271.html
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19300 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19405
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19518
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19527
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19811
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20461
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015795
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1089
af854a3a-2127-422b-91ae-364da2661108 | http://www.freeradius.org/security.html
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200604-03.xml
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:060
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/17171
af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2006/0020
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/1016
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/25352
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10156
Impacted products



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "49152208-4DBD-4AF7-BCB3-3D56650899F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "90AF846A-F239-4963-B260-7CB48334B8B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95ADE53-BFBE-4B06-A1BF-EF576D567554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F03F8FE-80BA-41A3-85CE-FFB6A18E6DCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C48FE12-68CB-462D-B75E-204894325F5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1321F1E7-4B14-4B16-91D0-AE9E9951D12A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "313EFEC5-1580-4ACE-BB9C-84E3714F2C37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via \"Insufficient input validation\" in the EAP-MSCHAPv2 state machine module."
    }
  ],
  "id": "CVE-2006-1354",
  "lastModified": "2024-11-21T00:08:39.370",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-03-22T02:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.suse.de/archive/suse-security-announce/2006-Mar/0009.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0271.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19300"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19405"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19518"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19527"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20461"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015795"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1089"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-03.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:060"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/17171"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.trustix.org/errata/2006/0020"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/1016"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25352"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10156"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.de/archive/suse-security-announce/2006-Mar/0009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0271.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19405"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19518"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19527"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20461"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015795"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:060"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17171"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0020"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10156"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-07-17 17:29
Modified
2024-11-21 03:06
Summary
An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1F041B7-4DDB-406E-8A89-D2DDABD4AF96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5DA3BD5F-8CB9-4907-92C5-7A4E884CE1D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "3D7056CF-FF7C-4175-907A-A47984A82CB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4A43D5-03CA-4AAA-98A8-4EC86EC3EACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDB64CF-D48E-4E3E-A1E8-B6AE330A6C99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "25BF923C-F7CD-4232-8613-B1F09C7B9A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A113B67-B9B6-421C-9EC9-E1FB462A4214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6518E4DA-9531-4135-8462-A9E3BDD7AE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B92B1F7-8139-4D5A-9461-0C7314BCCBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5CAEB64-0676-4C18-8255-DACDA612188E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F7A434-49DC-4005-9161-F2B49559621F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A54D59A-B832-4EE3-A8D6-A85EC17C268A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D494932F-F639-44BE-B15C-7F07A67B0502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D45784-C53B-4A11-B1B3-BC68B514002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E969979B-2852-453D-AF48-A462448D4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E56E3E2-9142-47F5-B53E-61ACE4FA9A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE0CFEA6-1AC0-41AA-BEF0-16FE1A933758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C593C44B-CB2B-4C38-A44D-BA1BC9BF3CDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "908DA549-0EE5-4B85-961F-1C67210F6AED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "91FBBBC1-7106-4DA1-BBCF-9D776BB082ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B421C2D-290B-4439-BED6-4C0AEBAF484B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09685697-9D74-4ECA-ACB0-DF08A1442DF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D536C78-5619-4B01-A838-EB348B6D947E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3482E5-E818-40CE-A061-4469F3CAC702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2595550B-8820-471A-9D23-C40A848B73FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D7F150-6B47-44B8-82A9-5E03AC83B05D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5600607D-209E-4A7B-AC82-657638232D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C236E624-8DE0-46CD-A9F1-951D1CDD9F58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "11403C9E-7217-43AF-9BF4-371FA2623C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A2EC8C-840A-4DB2-8038-7E0E2D704EA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "388D7673-6BA7-4113-86E1-00F9A60C8796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5B5D50-C251-4569-9D2C-49FB64702646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A693BD6B-BCFF-461B-B71D-4E6F7A614979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E1D867F-7147-4C97-927B-C10404CC2985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD8346B-8A41-43DF-9AFE-06E3546B6AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C30EB50-6BCD-44E4-906A-618ACCF627DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C129A8-59C9-4780-8454-4EB112DF0B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C228DD-0EB3-4348-8D7A-D17A59E92013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2400422C-8E52-4946-BE83-AA7167F0F703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1841E98-2B17-4DFC-B03F-4E4537D8A6A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "76048BE7-ABC9-4177-A6A6-03CD267708A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "00F2F28A-E975-469F-8720-ACAD38230A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0D08EA5-E832-40D7-9530-079C400B050E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAFBD765-22E7-446B-B0E9-FCE7DDB1B90E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "C50B666B-B423-4182-BD9A-8893B66848AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows \"DHCP - Read overflow when decoding option 63\" and a denial of service."
    },
    {
      "lang": "es",
      "value": "Un problema FR-GV-206 en FreeRADIUS versi\u00f3n 2.x anterior a 2.2.10 y versi\u00f3n 3.x anterior a 3.0.15, permite una \"DHCP - Read overflow when decoding option 63\" y una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2017-10983",
  "lastModified": "2024-11-21T03:06:53.253",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T17:29:00.337",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/99915"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038914"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1759"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:2389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/99915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2389"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-07-17 17:29
Modified
2024-11-21 03:06
Summary
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "388D7673-6BA7-4113-86E1-00F9A60C8796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5B5D50-C251-4569-9D2C-49FB64702646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A693BD6B-BCFF-461B-B71D-4E6F7A614979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E1D867F-7147-4C97-927B-C10404CC2985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD8346B-8A41-43DF-9AFE-06E3546B6AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C30EB50-6BCD-44E4-906A-618ACCF627DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C129A8-59C9-4780-8454-4EB112DF0B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C228DD-0EB3-4348-8D7A-D17A59E92013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2400422C-8E52-4946-BE83-AA7167F0F703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1841E98-2B17-4DFC-B03F-4E4537D8A6A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "76048BE7-ABC9-4177-A6A6-03CD267708A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "00F2F28A-E975-469F-8720-ACAD38230A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0D08EA5-E832-40D7-9530-079C400B050E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAFBD765-22E7-446B-B0E9-FCE7DDB1B90E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "C50B666B-B423-4182-BD9A-8893B66848AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows \"Infinite loop and memory exhaustion with \u0027concat\u0027 attributes\" and a denial of service."
    },
    {
      "lang": "es",
      "value": "Un problema FR-GV-302 en FreeRADIUS versi\u00f3n 3.x anterior a 3.0.15, permite un \"Infinite loop and memory exhaustion with \u0027concat\u0027 attributes\" y una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2017-10985",
  "lastModified": "2024-11-21T03:06:53.600",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T17:29:00.400",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/99968"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:2389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/99968"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2389"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-07-17 17:29
Modified
2024-11-21 03:06
Summary
An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1F041B7-4DDB-406E-8A89-D2DDABD4AF96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5DA3BD5F-8CB9-4907-92C5-7A4E884CE1D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.0:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "3D7056CF-FF7C-4175-907A-A47984A82CB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4A43D5-03CA-4AAA-98A8-4EC86EC3EACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDB64CF-D48E-4E3E-A1E8-B6AE330A6C99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "25BF923C-F7CD-4232-8613-B1F09C7B9A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A113B67-B9B6-421C-9EC9-E1FB462A4214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6518E4DA-9531-4135-8462-A9E3BDD7AE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B92B1F7-8139-4D5A-9461-0C7314BCCBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5CAEB64-0676-4C18-8255-DACDA612188E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F7A434-49DC-4005-9161-F2B49559621F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A54D59A-B832-4EE3-A8D6-A85EC17C268A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D494932F-F639-44BE-B15C-7F07A67B0502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D45784-C53B-4A11-B1B3-BC68B514002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E969979B-2852-453D-AF48-A462448D4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E56E3E2-9142-47F5-B53E-61ACE4FA9A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE0CFEA6-1AC0-41AA-BEF0-16FE1A933758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C593C44B-CB2B-4C38-A44D-BA1BC9BF3CDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "908DA549-0EE5-4B85-961F-1C67210F6AED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "91FBBBC1-7106-4DA1-BBCF-9D776BB082ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B421C2D-290B-4439-BED6-4C0AEBAF484B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09685697-9D74-4ECA-ACB0-DF08A1442DF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D536C78-5619-4B01-A838-EB348B6D947E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3482E5-E818-40CE-A061-4469F3CAC702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2595550B-8820-471A-9D23-C40A848B73FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D7F150-6B47-44B8-82A9-5E03AC83B05D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5600607D-209E-4A7B-AC82-657638232D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C236E624-8DE0-46CD-A9F1-951D1CDD9F58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "11403C9E-7217-43AF-9BF4-371FA2623C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A2EC8C-840A-4DB2-8038-7E0E2D704EA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows \"DHCP - Memory leak in decode_tlv()\" and a denial of service."
    },
    {
      "lang": "es",
      "value": "Un problema FR-GV-203 en FreeRADIUS versi\u00f3n 2.x anterior a 2.2.10, permite una \"DHCP - Memory leak in decode_tlv()\" y una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2017-10980",
  "lastModified": "2024-11-21T03:06:52.750",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T17:29:00.243",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/99905"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038914"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/99905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1759"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-772"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-03-27 17:59
Modified
2024-11-21 02:39
Summary
Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "388D7673-6BA7-4113-86E1-00F9A60C8796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5B5D50-C251-4569-9D2C-49FB64702646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A693BD6B-BCFF-461B-B71D-4E6F7A614979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E1D867F-7147-4C97-927B-C10404CC2985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD8346B-8A41-43DF-9AFE-06E3546B6AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C30EB50-6BCD-44E4-906A-618ACCF627DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C129A8-59C9-4780-8454-4EB112DF0B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C228DD-0EB3-4348-8D7A-D17A59E92013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2400422C-8E52-4946-BE83-AA7167F0F703",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow."
    },
    {
      "lang": "es",
      "value": "Error por un paso en el m\u00f3dulo EAP-PWD en FreeRADIUS 3.0 hasta la versi\u00f3n 3.0.8, lo que desencadena un desbordamiento de b\u00fafer."
    }
  ],
  "id": "CVE-2015-8764",
  "lastModified": "2024-11-21T02:39:08.070",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-03-27T17:59:00.350",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://freeradius.org/security.html#eap-pwd-2015"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://freeradius.org/security.html#eap-pwd-2015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-05-29 17:29
Modified
2024-11-21 03:35
Severity ?
Summary
The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5CAEB64-0676-4C18-8255-DACDA612188E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F7A434-49DC-4005-9161-F2B49559621F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A54D59A-B832-4EE3-A8D6-A85EC17C268A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D494932F-F639-44BE-B15C-7F07A67B0502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D45784-C53B-4A11-B1B3-BC68B514002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E969979B-2852-453D-AF48-A462448D4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "388D7673-6BA7-4113-86E1-00F9A60C8796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5B5D50-C251-4569-9D2C-49FB64702646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A693BD6B-BCFF-461B-B71D-4E6F7A614979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E1D867F-7147-4C97-927B-C10404CC2985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD8346B-8A41-43DF-9AFE-06E3546B6AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C30EB50-6BCD-44E4-906A-618ACCF627DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C129A8-59C9-4780-8454-4EB112DF0B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C228DD-0EB3-4348-8D7A-D17A59E92013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2400422C-8E52-4946-BE83-AA7167F0F703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1841E98-2B17-4DFC-B03F-4E4537D8A6A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78140938-FD3B-442E-B906-7705CDFF853D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "354381FC-52F3-4377-8DE0-75FC0D2D7FD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D829A428-71E8-4EB4-A8D7-BD5B673AA51F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F800631-5190-410F-B11D-02CF956D5B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AA8D994-16CB-44F0-95FE-7AFECB56C949",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS."
    },
    {
      "lang": "es",
      "value": "La cach\u00e9 de una sesi\u00f3n TLS en FreeRADIUS versiones 2.1.1 hasta 2.1.7, versiones 3.0.x anteriores a 3.0.14, versiones 3.1.x antes de 04-02-2017, y versiones 4.0.x antes de 04-02-2017, no puede impedir de manera fiable la reanudaci\u00f3n de una sesi\u00f3n no autenticada, que permite a los atacantes remotos (como requirentes maliciosos 802.1X) para omitir la autenticaci\u00f3n por medio de PEAP o TTLS."
    }
  ],
  "id": "CVE-2017-9148",
  "lastModified": "2024-11-21T03:35:26.163",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-29T17:29:00.200",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://freeradius.org/security.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "VDB Entry"
      ],
      "url": "http://seclists.org/oss-sec/2017/q2/422"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98734"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1038576"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1581"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://security.gentoo.org/glsa/201706-27"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://freeradius.org/security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "VDB Entry"
      ],
      "url": "http://seclists.org/oss-sec/2017/q2/422"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98734"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038576"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201706-27"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2013-03-12 23:55
Modified
2024-11-21 01:33
Severity ?
Summary
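modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.
Note: the CPE match data in the record below is broader than the "before 2.2.0" wording above. It contains one wildcard entry with no version bound and a second entry with versionEndIncluding 2.2.0. Confirm exposure against the installed version and the patch references rather than relying on the CPE list alone.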



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C6E852-B6B5-4598-84B0-8D55932928F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FFA82DC-988E-4351-B8AD-ACC4E73625F0",
              "versionEndIncluding": "2.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE9FC274-5453-4A3D-9FD4-55D2E0283D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AEDD86F-92B9-43EC-80E3-54010E249FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDB110B-4057-4BA4-993A-9DA14888A093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "52C8708B-4D1A-48A7-87DF-DF4B53E66D06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0369C1A6-A0FE-4BF8-89F5-5ED384565DAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DBE446-220E-4838-808D-AA67C0254051",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E42DCF34-E0AE-4DAC-83EE-4A344768C673",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBBD2835-6588-44AC-B0FE-534855AF9537",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1638CC08-8886-4863-8532-883A8616592F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E4FD4F2-0449-4562-ABF2-927206CB77DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "636F3F00-97A5-4497-A6A9-722AFC5BD689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "660E3D6D-414D-436D-B256-0B49E701F757",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EECDFCD7-0189-4C59-842D-C5F9064033A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D3EC2A3-5FB6-4D39-B1EA-C8E17AF1F0B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD634946-ED9B-47EB-8D0F-88EA6057D17C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "49152208-4DBD-4AF7-BCB3-3D56650899F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "90AF846A-F239-4963-B260-7CB48334B8B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E95ADE53-BFBE-4B06-A1BF-EF576D567554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F03F8FE-80BA-41A3-85CE-FFB6A18E6DCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C48FE12-68CB-462D-B75E-204894325F5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1321F1E7-4B14-4B16-91D0-AE9E9951D12A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "313EFEC5-1580-4ACE-BB9C-84E3714F2C37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E023DE32-302F-42CC-8C3A-68CFFB400609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDE68525-9B4E-4444-BAD3-1F98BCF9C312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B93BEF0-09C1-4DF8-8761-582DE975F306",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ACE0558-F9FC-4B2C-96BD-7146D32A1637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F927232-6275-497E-BF09-B4DCF19642C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F07F89D7-504B-4892-9840-A3FED5274F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E1917D7-8E6B-4208-A632-CC2C25FEF1BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2121418C-4710-447D-9582-F535EDD2BF36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5C0C0C3-970F-4936-BEBB-19FACF4E958B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4A43D5-03CA-4AAA-98A8-4EC86EC3EACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDB64CF-D48E-4E3E-A1E8-B6AE330A6C99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "25BF923C-F7CD-4232-8613-B1F09C7B9A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A113B67-B9B6-421C-9EC9-E1FB462A4214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6518E4DA-9531-4135-8462-A9E3BDD7AE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B92B1F7-8139-4D5A-9461-0C7314BCCBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5CAEB64-0676-4C18-8255-DACDA612188E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F7A434-49DC-4005-9161-F2B49559621F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A54D59A-B832-4EE3-A8D6-A85EC17C268A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D494932F-F639-44BE-B15C-7F07A67B0502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D45784-C53B-4A11-B1B3-BC68B514002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E969979B-2852-453D-AF48-A462448D4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E56E3E2-9142-47F5-B53E-61ACE4FA9A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE0CFEA6-1AC0-41AA-BEF0-16FE1A933758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C593C44B-CB2B-4C38-A44D-BA1BC9BF3CDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "908DA549-0EE5-4B85-961F-1C67210F6AED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "91FBBBC1-7106-4DA1-BBCF-9D776BB082ED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password."
    },
    {
      "lang": "es",
      "value": "modules/rlm_unix/rlm_unix.c en FreeRADIUS anterior a v2.2.0, cuando el modo unix est\u00e1 activado para la autenticaci\u00f3n de usuarios, no valida adecuadamente la expiraci\u00f3n de la contrase\u00f1a en /etc/shadow, lo que permite a usuarios autenticados remotamente validarse mediante una contrase\u00f1a caducada."
    }
  ],
  "id": "CVE-2011-4966",
  "lastModified": "2024-11-21T01:33:22.790",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-03-12T23:55:01.337",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00029.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00079.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHBA-2012-0881.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0134.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/alandekok/freeradius-server/commit/1b1ec5ce75e224bd1755650c18ccdaa6dc53e605"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00079.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHBA-2012-0881.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0134.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/alandekok/freeradius-server/commit/1b1ec5ce75e224bd1755650c18ccdaa6dc53e605"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-01-17 18:15
Modified
2024-11-21 07:23
Summary
In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.
Impacted products
Vendor Product Version
freeradius freeradius *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA70644-1F3C-4B83-BE2A-F865085CD979",
              "versionEndExcluding": "3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack."
    },
    {
      "lang": "es",
      "value": "En freeradius, la funci\u00f3n EAP-PWD compute_password_element() filtra informaci\u00f3n sobre la contrase\u00f1a, lo que permite a un atacante reducir sustancialmente el tama\u00f1o de un ataque de diccionario fuera de l\u00ednea."
    }
  ],
  "id": "CVE-2022-41859",
  "lastModified": "2024-11-21T07:23:57.130",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-01-17T18:15:11.287",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/FreeRADIUS/freeradius-server/commit/9e5e8f2f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://freeradius.org/security/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/FreeRADIUS/freeradius-server/commit/9e5e8f2f"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-522"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:05
Severity ?
Summary
SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
Impacted products
Vendor Product Version
freeradius freeradius 1.0.3
freeradius freeradius 1.0.4



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F03F8FE-80BA-41A3-85CE-FFB6A18E6DCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C48FE12-68CB-462D-B75E-204894325F5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors."
    }
  ],
  "evaluatorSolution": "The vendor released version 1.1.1 to address this issue.",
  "id": "CVE-2005-4745",
  "lastModified": "2024-11-21T00:05:04.813",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1145"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:092"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/19323"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/17294"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1145"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.freeradius.org/security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:092"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/19323"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17294"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Not vulnerable.  This issue did not affect the FreeRADIUS packages as distributed with Red Hat Enterprise Linux 2.1, 3, or 4.",
      "lastModified": "2006-08-30T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2002-03-04 05:00
Modified
2024-11-20 23:37
Severity ?
Summary
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.
References
cve@mitre.org  http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
cve@mitre.org  http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
cve@mitre.org  http://marc.info/?l=bugtraq&m=101537153021792&w=2
cve@mitre.org  http://online.securityfocus.com/archive/1/239784  (Vendor Advisory)
cve@mitre.org  http://www.cert.org/advisories/CA-2002-06.html  (Patch, Third Party Advisory, US Government Resource)
cve@mitre.org  http://www.kb.cert.org/vuls/id/589523  (US Government Resource)
cve@mitre.org  http://www.redhat.com/support/errata/RHSA-2002-030.html
cve@mitre.org  http://www.securityfocus.com/bid/3530  (Patch, Vendor Advisory)
cve@mitre.org  https://exchange.xforce.ibmcloud.com/vulnerabilities/7534
af854a3a-2127-422b-91ae-364da2661108  http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
af854a3a-2127-422b-91ae-364da2661108  http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
af854a3a-2127-422b-91ae-364da2661108  http://marc.info/?l=bugtraq&m=101537153021792&w=2
af854a3a-2127-422b-91ae-364da2661108  http://online.securityfocus.com/archive/1/239784  (Vendor Advisory)
af854a3a-2127-422b-91ae-364da2661108  http://www.cert.org/advisories/CA-2002-06.html  (Patch, Third Party Advisory, US Government Resource)
af854a3a-2127-422b-91ae-364da2661108  http://www.kb.cert.org/vuls/id/589523  (US Government Resource)
af854a3a-2127-422b-91ae-364da2661108  http://www.redhat.com/support/errata/RHSA-2002-030.html
af854a3a-2127-422b-91ae-364da2661108  http://www.securityfocus.com/bid/3530  (Patch, Vendor Advisory)
af854a3a-2127-422b-91ae-364da2661108  https://exchange.xforce.ibmcloud.com/vulnerabilities/7534



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ascend:radius:1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0717614-9C92-4C20-9D65-0E488C97FAD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AEDD86F-92B9-43EC-80E3-54010E249FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDB110B-4057-4BA4-993A-9DA14888A093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.92.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B0DFDC-913E-4358-9BF1-6AA1F871CB4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "F332DA97-B327-45E0-8948-18C2C7278757",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.94:*:*:*:*:*:*:*",
              "matchCriteriaId": "67632403-328E-4149-B0EC-2B563DDD7FD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6945F8-EB40-4205-9585-3BF9A132406E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A28A174-45A4-4886-8C87-2D475F9ABF18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "A949E3FF-5360-4FC1-95E5-AB5080156D77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "D000F534-1BF0-40A8-BD2B-9EBAF71D6FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "15253C62-0FCC-4699-9CC5-486F23CDD1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.17b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01B8A1D-A4EC-4B92-A9EC-BECB35185ECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "10DD81E4-732C-4F23-80A7-987FCC0511D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "28A5F502-7DA3-44E2-AEFB-6D1FD7121F7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:livingston:radius:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C2894BE-AE8B-491C-A776-5D2821D4DFB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:livingston:radius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "92CD1A39-33F6-47C3-8899-286C07C9C219",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:livingston:radius:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3133364-7726-4BFA-A552-03533F762161",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lucent:radius:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96927B69-BA71-460B-8A59-CF3FC93C9661",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lucent:radius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "056AD200-84E8-4B99-863F-C1D61A6B4C7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lucent:radius:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCE2BA9-35E0-410A-B9CC-C77C9D95338E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4999A95F-9124-4585-B78C-34B8CDA87250",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "28DC815B-6648-4C3A-A66C-264EE6903CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "627CD710-183C-433B-9CC6-804C8A726FE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA442BB3-4DAE-402C-8F3C-DFCA4C3EE63A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE605C8B-316E-4C04-B5D1-97A0E2719DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6_.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13CF26C7-90DB-46FB-AE08-936FF7C324F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "15B965F5-E32D-4824-9A4B-0A2507CD167E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C211927E-DE7F-450F-918B-DC3EAF6C5743",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A74F1BA-3E1A-4073-A290-C086B6388F75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDDB28FF-D0B4-45A4-A2E7-C56B4D660204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5263133F-0C92-4C16-B933-71AEAE9C33BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:radiusclient:radiusclient:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACE414B4-5E23-4DE9-AD86-8FE51CCE723B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xtradius:xtradius:1.1_pre1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6713B65-D941-4DCE-AA63-FE0B408E575B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7326E7C2-F310-4820-A36D-C7045E6ED721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C37D50E1-E8E1-4D07-93D2-D8DEE13872D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "792AB6F5-0916-482B-A868-BC41B7A6EFE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0_pre13:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4A295E4-7D6D-4906-84D4-BB80AF58422E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0_pre14:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A1FEC14-198C-46D1-8F96-9D91B9733A55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0_pre15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB2830F3-FB3A-4833-9027-B4933BA813ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius_project:yard_radius:1.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "95CC863F-9448-4692-AB9C-BA218D2313CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data."
    }
  ],
  "id": "CVE-2001-1376",
  "lastModified": "2024-11-20T23:37:32.663",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-03-04T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://online.securityfocus.com/archive/1/239784"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-06.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/589523"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/3530"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://online.securityfocus.com/archive/1/239784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-06.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/589523"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/3530"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7534"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2010-10-07 21:00
Modified
2024-11-21 01:19
Severity ?
Summary
The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x before 2.1.10, in certain circumstances involving long-term database outages, does not properly handle long queue times for requests, which allows remote attackers to cause a denial of service (daemon crash) by sending many requests.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B92B1F7-8139-4D5A-9461-0C7314BCCBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5CAEB64-0676-4C18-8255-DACDA612188E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F7A434-49DC-4005-9161-F2B49559621F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A54D59A-B832-4EE3-A8D6-A85EC17C268A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D494932F-F639-44BE-B15C-7F07A67B0502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D45784-C53B-4A11-B1B3-BC68B514002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E969979B-2852-453D-AF48-A462448D4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E56E3E2-9142-47F5-B53E-61ACE4FA9A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:2.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE0CFEA6-1AC0-41AA-BEF0-16FE1A933758",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x before 2.1.10, in certain circumstances involving long-term database outages, does not properly handle long queue times for requests, which allows remote attackers to cause a denial of service (daemon crash) by sending many requests."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n wait_for_child_to_die en main/event.c en FreeRADIUS v2.1.x anterior a v2.1.10, en determinadas ocasiones genera cortes en la base de datos al no controlar correctamente los tiempos largos de la cola de peticiones, permitiendo de esta forma a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del servicio) mediante el env\u00edo de muchas peticiones."
    }
  ],
  "id": "CVE-2010-3697",
  "lastModified": "2024-11-21T01:19:25.093",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-10-07T21:00:03.500",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://freeradius.org/press/index.html#2.1.10"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://github.com/alandekok/freeradius-server/commit/ff94dd35673bba1476594299d31ce8293b8bd223"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41621"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/8"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=35"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://freeradius.org/press/index.html#2.1.10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://github.com/alandekok/freeradius-server/commit/ff94dd35673bba1476594299d31ce8293b8bd223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=35"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639397"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-07-17 17:29
Modified
2024-11-21 03:06
Severity ?
Summary
An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "388D7673-6BA7-4113-86E1-00F9A60C8796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5B5D50-C251-4569-9D2C-49FB64702646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A693BD6B-BCFF-461B-B71D-4E6F7A614979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E1D867F-7147-4C97-927B-C10404CC2985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BD8346B-8A41-43DF-9AFE-06E3546B6AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C30EB50-6BCD-44E4-906A-618ACCF627DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C129A8-59C9-4780-8454-4EB112DF0B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C228DD-0EB3-4348-8D7A-D17A59E92013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2400422C-8E52-4946-BE83-AA7167F0F703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1841E98-2B17-4DFC-B03F-4E4537D8A6A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "76048BE7-ABC9-4177-A6A6-03CD267708A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "00F2F28A-E975-469F-8720-ACAD38230A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0D08EA5-E832-40D7-9530-079C400B050E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAFBD765-22E7-446B-B0E9-FCE7DDB1B90E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:3.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "C50B666B-B423-4182-BD9A-8893B66848AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows \"Write overflow in data2vp_wimax()\" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "Un problema FR-GV-301 en FreeRADIUS versi\u00f3n 3.x anterior a 3.0.15, permite un \"Write overflow in data2vp_wimax()\" - esto permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo del demonio) o posiblemente ejecutar c\u00f3digo arbitrario."
    }
  ],
  "id": "CVE-2017-10984",
  "lastModified": "2024-11-21T03:06:53.433",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-17T17:29:00.367",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/99876"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:2389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://freeradius.org/security/fuzzer-2017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/99876"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2389"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}