Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2002-03-04 05:00

Modified

2024-11-20 23:37

Severity ?

Summary

Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.

References

URL	Tags
cve@mitre.org	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc
cve@mitre.org	http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
cve@mitre.org	http://marc.info/?l=bugtraq&m=101537153021792&w=2
cve@mitre.org	http://www.cert.org/advisories/CA-2002-06.html	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.iss.net/security_center/static/8354.php	Patch, Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/936683	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-030.html
cve@mitre.org	http://www.securityfocus.com/bid/4230	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=101537153021792&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-2002-06.html	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/8354.php	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/936683	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-030.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/4230	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
freeradius	freeradius	0.2
freeradius	freeradius	0.3
gnu	radius	0.92.1
gnu	radius	0.93
gnu	radius	0.94
gnu	radius	0.95
icradius	icradius	0.14
icradius	icradius	0.15
icradius	icradius	0.16
icradius	icradius	0.17
icradius	icradius	0.17b
icradius	icradius	0.18
icradius	icradius	0.18.1
livingston	radius	2.0
livingston	radius	2.0.1
livingston	radius	2.1
lucent	radius	2.0
lucent	radius	2.0.1
lucent	radius	2.1
miquel_van_smoorenburg_cistron	radius	1.6.1
miquel_van_smoorenburg_cistron	radius	1.6.2
miquel_van_smoorenburg_cistron	radius	1.6.3
miquel_van_smoorenburg_cistron	radius	1.6.4
miquel_van_smoorenburg_cistron	radius	1.6.5
miquel_van_smoorenburg_cistron	radius	1.6_.0
openradius	openradius	0.8
openradius	openradius	0.9
openradius	openradius	0.9.1
openradius	openradius	0.9.2
openradius	openradius	0.9.3
radiusclient	radiusclient	0.3.1
xtradius	xtradius	1.1_pre1
xtradius	xtradius	1.1_pre2
yard_radius	yard_radius	1.0.17
yard_radius	yard_radius	1.0.18
yard_radius	yard_radius	1.0.19
yard_radius	yard_radius	1.0_pre13
yard_radius	yard_radius	1.0_pre14
yard_radius	yard_radius	1.0_pre15
yard_radius_project	yard_radius	1.0.16

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AEDD86F-92B9-43EC-80E3-54010E249FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDB110B-4057-4BA4-993A-9DA14888A093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.92.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B0DFDC-913E-4358-9BF1-6AA1F871CB4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "F332DA97-B327-45E0-8948-18C2C7278757",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.94:*:*:*:*:*:*:*",
              "matchCriteriaId": "67632403-328E-4149-B0EC-2B563DDD7FD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6945F8-EB40-4205-9585-3BF9A132406E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A28A174-45A4-4886-8C87-2D475F9ABF18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "A949E3FF-5360-4FC1-95E5-AB5080156D77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "D000F534-1BF0-40A8-BD2B-9EBAF71D6FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "15253C62-0FCC-4699-9CC5-486F23CDD1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.17b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01B8A1D-A4EC-4B92-A9EC-BECB35185ECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "10DD81E4-732C-4F23-80A7-987FCC0511D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "28A5F502-7DA3-44E2-AEFB-6D1FD7121F7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:livingston:radius:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C2894BE-AE8B-491C-A776-5D2821D4DFB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:livingston:radius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "92CD1A39-33F6-47C3-8899-286C07C9C219",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:livingston:radius:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3133364-7726-4BFA-A552-03533F762161",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lucent:radius:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96927B69-BA71-460B-8A59-CF3FC93C9661",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lucent:radius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "056AD200-84E8-4B99-863F-C1D61A6B4C7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lucent:radius:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCE2BA9-35E0-410A-B9CC-C77C9D95338E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4999A95F-9124-4585-B78C-34B8CDA87250",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "28DC815B-6648-4C3A-A66C-264EE6903CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "627CD710-183C-433B-9CC6-804C8A726FE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA442BB3-4DAE-402C-8F3C-DFCA4C3EE63A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE605C8B-316E-4C04-B5D1-97A0E2719DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6_.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13CF26C7-90DB-46FB-AE08-936FF7C324F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "15B965F5-E32D-4824-9A4B-0A2507CD167E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C211927E-DE7F-450F-918B-DC3EAF6C5743",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A74F1BA-3E1A-4073-A290-C086B6388F75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDDB28FF-D0B4-45A4-A2E7-C56B4D660204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5263133F-0C92-4C16-B933-71AEAE9C33BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:radiusclient:radiusclient:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACE414B4-5E23-4DE9-AD86-8FE51CCE723B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xtradius:xtradius:1.1_pre1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6713B65-D941-4DCE-AA63-FE0B408E575B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xtradius:xtradius:1.1_pre2:*:*:*:*:*:*:*",
              "matchCriteriaId": "43B671B4-7B26-4F43-A477-1EE7F1E74245",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7326E7C2-F310-4820-A36D-C7045E6ED721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C37D50E1-E8E1-4D07-93D2-D8DEE13872D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "792AB6F5-0916-482B-A868-BC41B7A6EFE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0_pre13:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4A295E4-7D6D-4906-84D4-BB80AF58422E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0_pre14:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A1FEC14-198C-46D1-8F96-9D91B9733A55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0_pre15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB2830F3-FB3A-4833-9027-B4933BA813ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius_project:yard_radius:1.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "95CC863F-9448-4692-AB9C-BA218D2313CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2."
    }
  ],
  "id": "CVE-2001-1377",
  "lastModified": "2024-11-20T23:37:32.877",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-03-04T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-06.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/8354.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/936683"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/4230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-06.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/8354.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/936683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/4230"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2002-03-04 05:00

Modified

2024-11-20 23:37

Severity ?

Summary

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
cve@mitre.org	http://marc.info/?l=bugtraq&m=101537153021792&w=2
cve@mitre.org	http://online.securityfocus.com/archive/1/239784	Vendor Advisory
cve@mitre.org	http://www.cert.org/advisories/CA-2002-06.html	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.kb.cert.org/vuls/id/589523	US Government Resource
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-030.html
cve@mitre.org	http://www.securityfocus.com/bid/3530	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/7534
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=101537153021792&w=2
af854a3a-2127-422b-91ae-364da2661108	http://online.securityfocus.com/archive/1/239784	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-2002-06.html	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/589523	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-030.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/3530	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/7534

Impacted products

Vendor	Product	Version
ascend	radius	1.16
freeradius	freeradius	0.2
freeradius	freeradius	0.3
gnu	radius	0.92.1
gnu	radius	0.93
gnu	radius	0.94
gnu	radius	0.95
icradius	icradius	0.14
icradius	icradius	0.15
icradius	icradius	0.16
icradius	icradius	0.17
icradius	icradius	0.17b
icradius	icradius	0.18
icradius	icradius	0.18.1
livingston	radius	2.0
livingston	radius	2.0.1
livingston	radius	2.1
lucent	radius	2.0
lucent	radius	2.0.1
lucent	radius	2.1
miquel_van_smoorenburg_cistron	radius	1.6.1
miquel_van_smoorenburg_cistron	radius	1.6.2
miquel_van_smoorenburg_cistron	radius	1.6.3
miquel_van_smoorenburg_cistron	radius	1.6.4
miquel_van_smoorenburg_cistron	radius	1.6.5
miquel_van_smoorenburg_cistron	radius	1.6_.0
openradius	openradius	0.8
openradius	openradius	0.9
openradius	openradius	0.9.1
openradius	openradius	0.9.2
openradius	openradius	0.9.3
radiusclient	radiusclient	0.3.1
xtradius	xtradius	1.1_pre1
yard_radius	yard_radius	1.0.17
yard_radius	yard_radius	1.0.18
yard_radius	yard_radius	1.0.19
yard_radius	yard_radius	1.0_pre13
yard_radius	yard_radius	1.0_pre14
yard_radius	yard_radius	1.0_pre15
yard_radius_project	yard_radius	1.0.16

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ascend:radius:1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0717614-9C92-4C20-9D65-0E488C97FAD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AEDD86F-92B9-43EC-80E3-54010E249FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDB110B-4057-4BA4-993A-9DA14888A093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.92.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B0DFDC-913E-4358-9BF1-6AA1F871CB4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "F332DA97-B327-45E0-8948-18C2C7278757",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.94:*:*:*:*:*:*:*",
              "matchCriteriaId": "67632403-328E-4149-B0EC-2B563DDD7FD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:radius:0.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6945F8-EB40-4205-9585-3BF9A132406E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A28A174-45A4-4886-8C87-2D475F9ABF18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "A949E3FF-5360-4FC1-95E5-AB5080156D77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "D000F534-1BF0-40A8-BD2B-9EBAF71D6FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "15253C62-0FCC-4699-9CC5-486F23CDD1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.17b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01B8A1D-A4EC-4B92-A9EC-BECB35185ECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "10DD81E4-732C-4F23-80A7-987FCC0511D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icradius:icradius:0.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "28A5F502-7DA3-44E2-AEFB-6D1FD7121F7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:livingston:radius:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C2894BE-AE8B-491C-A776-5D2821D4DFB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:livingston:radius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "92CD1A39-33F6-47C3-8899-286C07C9C219",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:livingston:radius:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3133364-7726-4BFA-A552-03533F762161",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lucent:radius:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96927B69-BA71-460B-8A59-CF3FC93C9661",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lucent:radius:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "056AD200-84E8-4B99-863F-C1D61A6B4C7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lucent:radius:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCE2BA9-35E0-410A-B9CC-C77C9D95338E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4999A95F-9124-4585-B78C-34B8CDA87250",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "28DC815B-6648-4C3A-A66C-264EE6903CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "627CD710-183C-433B-9CC6-804C8A726FE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA442BB3-4DAE-402C-8F3C-DFCA4C3EE63A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE605C8B-316E-4C04-B5D1-97A0E2719DBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6_.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13CF26C7-90DB-46FB-AE08-936FF7C324F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "15B965F5-E32D-4824-9A4B-0A2507CD167E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C211927E-DE7F-450F-918B-DC3EAF6C5743",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A74F1BA-3E1A-4073-A290-C086B6388F75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDDB28FF-D0B4-45A4-A2E7-C56B4D660204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openradius:openradius:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5263133F-0C92-4C16-B933-71AEAE9C33BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:radiusclient:radiusclient:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACE414B4-5E23-4DE9-AD86-8FE51CCE723B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xtradius:xtradius:1.1_pre1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6713B65-D941-4DCE-AA63-FE0B408E575B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7326E7C2-F310-4820-A36D-C7045E6ED721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C37D50E1-E8E1-4D07-93D2-D8DEE13872D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "792AB6F5-0916-482B-A868-BC41B7A6EFE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0_pre13:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4A295E4-7D6D-4906-84D4-BB80AF58422E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0_pre14:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A1FEC14-198C-46D1-8F96-9D91B9733A55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius:yard_radius:1.0_pre15:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB2830F3-FB3A-4833-9027-B4933BA813ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yard_radius_project:yard_radius:1.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "95CC863F-9448-4692-AB9C-BA218D2313CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data."
    }
  ],
  "id": "CVE-2001-1376",
  "lastModified": "2024-11-20T23:37:32.663",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-03-04T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://online.securityfocus.com/archive/1/239784"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-06.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/589523"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/3530"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://online.securityfocus.com/archive/1/239784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2002-06.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/589523"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/3530"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7534"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

1997-12-01 05:00

Modified

2024-11-20 23:28

Severity ?

Summary

Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root.

References

▼	URL	Tags
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244

Impacted products

	Vendor	Product	Version
	livingston	radius	1.x

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:livingston:radius:1.x:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DA8184B-7BA4-4D71-BA0F-AC50C21E4BAC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root."
    }
  ],
  "id": "CVE-1999-0244",
  "lastModified": "2024-11-20T23:28:13.617",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "1997-12-01T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-1999-0244

Vulnerability from cvelistv5

Published

1999-09-29 04:00

Modified

2024-08-01 16:34

Severity ?

Summary

Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T16:34:51.546Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-17T07:02:20",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-1999-0244",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-1999-0244",
    "datePublished": "1999-09-29T04:00:00",
    "dateReserved": "1999-06-07T00:00:00",
    "dateUpdated": "2024-08-01T16:34:51.546Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-1377

Vulnerability from cvelistv5

Published

2002-06-11 04:00

Modified

2024-08-08 04:51

Severity ?

Summary

Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.

References

▼	URL	Tags
	http://www.redhat.com/support/errata/RHSA-2002-030.html	vendor-advisory, x_refsource_REDHAT
	http://www.iss.net/security_center/static/8354.php	vdb-entry, x_refsource_XF
	http://www.kb.cert.org/vuls/id/936683	third-party-advisory, x_refsource_CERT-VN
	http://marc.info/?l=bugtraq&m=101537153021792&w=2	mailing-list, x_refsource_BUGTRAQ
	http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/4230	vdb-entry, x_refsource_BID
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466	vendor-advisory, x_refsource_CONECTIVA
	http://www.cert.org/advisories/CA-2002-06.html	third-party-advisory, x_refsource_CERT
	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc	vendor-advisory, x_refsource_FREEBSD

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:51:08.453Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2002:030",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
          },
          {
            "name": "radius-vendor-attribute-dos(8354)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8354.php"
          },
          {
            "name": "VU#936683",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/936683"
          },
          {
            "name": "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
          },
          {
            "name": "SuSE-SA:2002:013",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
          },
          {
            "name": "4230",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4230"
          },
          {
            "name": "CLA-2002:466",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
          },
          {
            "name": "CA-2002-06",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2002-06.html"
          },
          {
            "name": "FreeBSD-SN-02:02",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-11-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2002:030",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
        },
        {
          "name": "radius-vendor-attribute-dos(8354)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8354.php"
        },
        {
          "name": "VU#936683",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/936683"
        },
        {
          "name": "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
        },
        {
          "name": "SuSE-SA:2002:013",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
        },
        {
          "name": "4230",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4230"
        },
        {
          "name": "CLA-2002:466",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
        },
        {
          "name": "CA-2002-06",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2002-06.html"
        },
        {
          "name": "FreeBSD-SN-02:02",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1377",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2002:030",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
            },
            {
              "name": "radius-vendor-attribute-dos(8354)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8354.php"
            },
            {
              "name": "VU#936683",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/936683"
            },
            {
              "name": "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
            },
            {
              "name": "SuSE-SA:2002:013",
              "refsource": "SUSE",
              "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
            },
            {
              "name": "4230",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4230"
            },
            {
              "name": "CLA-2002:466",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
            },
            {
              "name": "CA-2002-06",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2002-06.html"
            },
            {
              "name": "FreeBSD-SN-02:02",
              "refsource": "FREEBSD",
              "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1377",
    "datePublished": "2002-06-11T04:00:00",
    "dateReserved": "2002-06-11T00:00:00",
    "dateUpdated": "2024-08-08T04:51:08.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-1376

Vulnerability from cvelistv5

Published

2002-06-11 04:00

Modified

2024-08-08 04:51

Severity ?

Summary

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.

References

▼	URL	Tags
	http://www.redhat.com/support/errata/RHSA-2002-030.html	vendor-advisory, x_refsource_REDHAT
	http://online.securityfocus.com/archive/1/239784	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/7534	vdb-entry, x_refsource_XF
	http://www.kb.cert.org/vuls/id/589523	third-party-advisory, x_refsource_CERT-VN
	http://marc.info/?l=bugtraq&m=101537153021792&w=2	mailing-list, x_refsource_BUGTRAQ
	http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/3530	vdb-entry, x_refsource_BID
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466	vendor-advisory, x_refsource_CONECTIVA
	http://www.cert.org/advisories/CA-2002-06.html	third-party-advisory, x_refsource_CERT

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:51:08.227Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2002:030",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
          },
          {
            "name": "20011113 More problems with RADIUS (protocol and implementations)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/archive/1/239784"
          },
          {
            "name": "radius-message-digest-bo(7534)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7534"
          },
          {
            "name": "VU#589523",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/589523"
          },
          {
            "name": "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
          },
          {
            "name": "SuSE-SA:2002:013",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
          },
          {
            "name": "3530",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3530"
          },
          {
            "name": "CLA-2002:466",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
          },
          {
            "name": "CA-2002-06",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2002-06.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-11-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2002:030",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
        },
        {
          "name": "20011113 More problems with RADIUS (protocol and implementations)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://online.securityfocus.com/archive/1/239784"
        },
        {
          "name": "radius-message-digest-bo(7534)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7534"
        },
        {
          "name": "VU#589523",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/589523"
        },
        {
          "name": "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
        },
        {
          "name": "SuSE-SA:2002:013",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
        },
        {
          "name": "3530",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3530"
        },
        {
          "name": "CLA-2002:466",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
        },
        {
          "name": "CA-2002-06",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2002-06.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1376",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2002:030",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-030.html"
            },
            {
              "name": "20011113 More problems with RADIUS (protocol and implementations)",
              "refsource": "BUGTRAQ",
              "url": "http://online.securityfocus.com/archive/1/239784"
            },
            {
              "name": "radius-message-digest-bo(7534)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7534"
            },
            {
              "name": "VU#589523",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/589523"
            },
            {
              "name": "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=101537153021792\u0026w=2"
            },
            {
              "name": "SuSE-SA:2002:013",
              "refsource": "SUSE",
              "url": "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html"
            },
            {
              "name": "3530",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3530"
            },
            {
              "name": "CLA-2002:466",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000466"
            },
            {
              "name": "CA-2002-06",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2002-06.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1376",
    "datePublished": "2002-06-11T04:00:00",
    "dateReserved": "2002-06-11T00:00:00",
    "dateUpdated": "2024-08-08T04:51:08.227Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

All the vulnerabilites related to livingston - radius

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

cve-1999-0244

Vulnerability from cvelistv5

cve-2001-1377

Vulnerability from cvelistv5

cve-2001-1376

Vulnerability from cvelistv5