cvelistv5 - cve-2001-1377

CVE-2001-1377 (GCVE-0-2001-1377)

Vulnerability from cvelistv5

Published

2002-06-11 04:00

Modified

2024-08-08 04:51

Severity ?

Summary

Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.

References

URL	Tags
cve@mitre.org	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc
cve@mitre.org	http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
cve@mitre.org	http://marc.info/?l=bugtraq&m=101537153021792&w=2
cve@mitre.org	http://www.cert.org/advisories/CA-2002-06.html	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.iss.net/security_center/static/8354.php	Patch, Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/936683	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-030.html
cve@mitre.org	http://www.securityfocus.com/bid/4230	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=101537153021792&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-2002-06.html	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/8354.php	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/936683	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-030.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/4230	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-08T04:51:08.453Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2002:030",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2002-030.html",
               },
               {
                  name: "radius-vendor-attribute-dos(8354)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "http://www.iss.net/security_center/static/8354.php",
               },
               {
                  name: "VU#936683",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "http://www.kb.cert.org/vuls/id/936683",
               },
               {
                  name: "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=101537153021792&w=2",
               },
               {
                  name: "SuSE-SA:2002:013",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html",
               },
               {
                  name: "4230",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/4230",
               },
               {
                  name: "CLA-2002:466",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CONECTIVA",
                     "x_transferred",
                  ],
                  url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466",
               },
               {
                  name: "CA-2002-06",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT",
                     "x_transferred",
                  ],
                  url: "http://www.cert.org/advisories/CA-2002-06.html",
               },
               {
                  name: "FreeBSD-SN-02:02",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FREEBSD",
                     "x_transferred",
                  ],
                  url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2001-11-13T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-10-17T13:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "RHSA-2002:030",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2002-030.html",
            },
            {
               name: "radius-vendor-attribute-dos(8354)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "http://www.iss.net/security_center/static/8354.php",
            },
            {
               name: "VU#936683",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "http://www.kb.cert.org/vuls/id/936683",
            },
            {
               name: "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://marc.info/?l=bugtraq&m=101537153021792&w=2",
            },
            {
               name: "SuSE-SA:2002:013",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html",
            },
            {
               name: "4230",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/4230",
            },
            {
               name: "CLA-2002:466",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
               ],
               url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466",
            },
            {
               name: "CA-2002-06",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT",
               ],
               url: "http://www.cert.org/advisories/CA-2002-06.html",
            },
            {
               name: "FreeBSD-SN-02:02",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FREEBSD",
               ],
               url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2001-1377",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2002:030",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2002-030.html",
                  },
                  {
                     name: "radius-vendor-attribute-dos(8354)",
                     refsource: "XF",
                     url: "http://www.iss.net/security_center/static/8354.php",
                  },
                  {
                     name: "VU#936683",
                     refsource: "CERT-VN",
                     url: "http://www.kb.cert.org/vuls/id/936683",
                  },
                  {
                     name: "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
                     refsource: "BUGTRAQ",
                     url: "http://marc.info/?l=bugtraq&m=101537153021792&w=2",
                  },
                  {
                     name: "SuSE-SA:2002:013",
                     refsource: "SUSE",
                     url: "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html",
                  },
                  {
                     name: "4230",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/4230",
                  },
                  {
                     name: "CLA-2002:466",
                     refsource: "CONECTIVA",
                     url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466",
                  },
                  {
                     name: "CA-2002-06",
                     refsource: "CERT",
                     url: "http://www.cert.org/advisories/CA-2002-06.html",
                  },
                  {
                     name: "FreeBSD-SN-02:02",
                     refsource: "FREEBSD",
                     url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2001-1377",
      datePublished: "2002-06-11T04:00:00",
      dateReserved: "2002-06-11T00:00:00",
      dateUpdated: "2024-08-08T04:51:08.453Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AEDD86F-92B9-43EC-80E3-54010E249FC6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFDB110B-4057-4BA4-993A-9DA14888A093\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:radius:0.92.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5B0DFDC-913E-4358-9BF1-6AA1F871CB4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:radius:0.93:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F332DA97-B327-45E0-8948-18C2C7278757\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:radius:0.94:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67632403-328E-4149-B0EC-2B563DDD7FD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:radius:0.95:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F6945F8-EB40-4205-9585-3BF9A132406E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:icradius:icradius:0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A28A174-45A4-4886-8C87-2D475F9ABF18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:icradius:icradius:0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A949E3FF-5360-4FC1-95E5-AB5080156D77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:icradius:icradius:0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D000F534-1BF0-40A8-BD2B-9EBAF71D6FA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:icradius:icradius:0.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15253C62-0FCC-4699-9CC5-486F23CDD1E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:icradius:icradius:0.17b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D01B8A1D-A4EC-4B92-A9EC-BECB35185ECC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:icradius:icradius:0.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10DD81E4-732C-4F23-80A7-987FCC0511D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:icradius:icradius:0.18.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28A5F502-7DA3-44E2-AEFB-6D1FD7121F7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:livingston:radius:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C2894BE-AE8B-491C-A776-5D2821D4DFB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:livingston:radius:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92CD1A39-33F6-47C3-8899-286C07C9C219\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:livingston:radius:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3133364-7726-4BFA-A552-03533F762161\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lucent:radius:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96927B69-BA71-460B-8A59-CF3FC93C9661\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lucent:radius:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"056AD200-84E8-4B99-863F-C1D61A6B4C7F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lucent:radius:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FCE2BA9-35E0-410A-B9CC-C77C9D95338E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4999A95F-9124-4585-B78C-34B8CDA87250\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28DC815B-6648-4C3A-A66C-264EE6903CE7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"627CD710-183C-433B-9CC6-804C8A726FE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA442BB3-4DAE-402C-8F3C-DFCA4C3EE63A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE605C8B-316E-4C04-B5D1-97A0E2719DBB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6_.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13CF26C7-90DB-46FB-AE08-936FF7C324F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openradius:openradius:0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15B965F5-E32D-4824-9A4B-0A2507CD167E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openradius:openradius:0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C211927E-DE7F-450F-918B-DC3EAF6C5743\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openradius:openradius:0.9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A74F1BA-3E1A-4073-A290-C086B6388F75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openradius:openradius:0.9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDDB28FF-D0B4-45A4-A2E7-C56B4D660204\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openradius:openradius:0.9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5263133F-0C92-4C16-B933-71AEAE9C33BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:radiusclient:radiusclient:0.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACE414B4-5E23-4DE9-AD86-8FE51CCE723B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:xtradius:xtradius:1.1_pre1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6713B65-D941-4DCE-AA63-FE0B408E575B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:xtradius:xtradius:1.1_pre2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43B671B4-7B26-4F43-A477-1EE7F1E74245\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yard_radius:yard_radius:1.0.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7326E7C2-F310-4820-A36D-C7045E6ED721\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yard_radius:yard_radius:1.0.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C37D50E1-E8E1-4D07-93D2-D8DEE13872D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yard_radius:yard_radius:1.0.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"792AB6F5-0916-482B-A868-BC41B7A6EFE1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yard_radius:yard_radius:1.0_pre13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4A295E4-7D6D-4906-84D4-BB80AF58422E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yard_radius:yard_radius:1.0_pre14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A1FEC14-198C-46D1-8F96-9D91B9733A55\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yard_radius:yard_radius:1.0_pre15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB2830F3-FB3A-4833-9027-B4933BA813ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yard_radius_project:yard_radius:1.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95CC863F-9448-4692-AB9C-BA218D2313CF\"}]}]}]",
         descriptions: "[{\"lang\": \"en\", \"value\": \"Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.\"}]",
         id: "CVE-2001-1377",
         lastModified: "2024-11-20T23:37:32.877",
         metrics: "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
         published: "2002-03-04T05:00:00.000",
         references: "[{\"url\": \"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=101537153021792&w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.cert.org/advisories/CA-2002-06.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.iss.net/security_center/static/8354.php\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/936683\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2002-030.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/4230\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=101537153021792&w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cert.org/advisories/CA-2002-06.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.iss.net/security_center/static/8354.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/936683\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2002-030.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/4230\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
         sourceIdentifier: "cve@mitre.org",
         vulnStatus: "Modified",
         weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2001-1377\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2002-03-04T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AEDD86F-92B9-43EC-80E3-54010E249FC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFDB110B-4057-4BA4-993A-9DA14888A093\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:radius:0.92.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5B0DFDC-913E-4358-9BF1-6AA1F871CB4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:radius:0.93:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F332DA97-B327-45E0-8948-18C2C7278757\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:radius:0.94:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67632403-328E-4149-B0EC-2B563DDD7FD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:radius:0.95:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F6945F8-EB40-4205-9585-3BF9A132406E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:icradius:icradius:0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A28A174-45A4-4886-8C87-2D475F9ABF18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:icradius:icradius:0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A949E3FF-5360-4FC1-95E5-AB5080156D77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:icradius:icradius:0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D000F534-1BF0-40A8-BD2B-9EBAF71D6FA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:icradius:icradius:0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15253C62-0FCC-4699-9CC5-486F23CDD1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:icradius:icradius:0.17b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D01B8A1D-A4EC-4B92-A9EC-BECB35185ECC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:icradius:icradius:0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10DD81E4-732C-4F23-80A7-987FCC0511D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:icradius:icradius:0.18.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28A5F502-7DA3-44E2-AEFB-6D1FD7121F7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:livingston:radius:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C2894BE-AE8B-491C-A776-5D2821D4DFB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:livingston:radius:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92CD1A39-33F6-47C3-8899-286C07C9C219\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:livingston:radius:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3133364-7726-4BFA-A552-03533F762161\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lucent:radius:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96927B69-BA71-460B-8A59-CF3FC93C9661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lucent:radius:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"056AD200-84E8-4B99-863F-C1D61A6B4C7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lucent:radius:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FCE2BA9-35E0-410A-B9CC-C77C9D95338E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4999A95F-9124-4585-B78C-34B8CDA87250\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28DC815B-6648-4C3A-A66C-264EE6903CE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"627CD710-183C-433B-9CC6-804C8A726FE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA442BB3-4DAE-402C-8F3C-DFCA4C3EE63A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE605C8B-316E-4C04-B5D1-97A0E2719DBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6_.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13CF26C7-90DB-46FB-AE08-936FF7C324F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openradius:openradius:0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15B965F5-E32D-4824-9A4B-0A2507CD167E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openradius:openradius:0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C211927E-DE7F-450F-918B-DC3EAF6C5743\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openradius:openradius:0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A74F1BA-3E1A-4073-A290-C086B6388F75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openradius:openradius:0.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDB28FF-D0B4-45A4-A2E7-C56B4D660204\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openradius:openradius:0.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5263133F-0C92-4C16-B933-71AEAE9C33BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:radiusclient:radiusclient:0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACE414B4-5E23-4DE9-AD86-8FE51CCE723B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xtradius:xtradius:1.1_pre1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6713B65-D941-4DCE-AA63-FE0B408E575B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xtradius:xtradius:1.1_pre2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43B671B4-7B26-4F43-A477-1EE7F1E74245\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yard_radius:yard_radius:1.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7326E7C2-F310-4820-A36D-C7045E6ED721\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yard_radius:yard_radius:1.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C37D50E1-E8E1-4D07-93D2-D8DEE13872D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yard_radius:yard_radius:1.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"792AB6F5-0916-482B-A868-BC41B7A6EFE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yard_radius:yard_radius:1.0_pre13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4A295E4-7D6D-4906-84D4-BB80AF58422E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yard_radius:yard_radius:1.0_pre14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A1FEC14-198C-46D1-8F96-9D91B9733A55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yard_radius:yard_radius:1.0_pre15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB2830F3-FB3A-4833-9027-B4933BA813ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yard_radius_project:yard_radius:1.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95CC863F-9448-4692-AB9C-BA218D2313CF\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=101537153021792&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cert.org/advisories/CA-2002-06.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.iss.net/security_center/static/8354.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/936683\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-030.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/4230\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=101537153021792&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cert.org/advisories/CA-2002-06.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.iss.net/security_center/static/8354.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/936683\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-030.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/4230\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
   },
}

ghsa-365r-qwgj-mv9r

Vulnerability from github

Published

2022-05-03 03:07

Modified

2022-05-03 03:07

Details

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2001-1377",
   ],
   database_specific: {
      cwe_ids: [],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2002-03-04T05:00:00Z",
      severity: "MODERATE",
   },
   details: "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.",
   id: "GHSA-365r-qwgj-mv9r",
   modified: "2022-05-03T03:07:16Z",
   published: "2022-05-03T03:07:16Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2001-1377",
      },
      {
         type: "WEB",
         url: "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html",
      },
      {
         type: "WEB",
         url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466",
      },
      {
         type: "WEB",
         url: "http://marc.info/?l=bugtraq&m=101537153021792&w=2",
      },
      {
         type: "WEB",
         url: "http://www.cert.org/advisories/CA-2002-06.html",
      },
      {
         type: "WEB",
         url: "http://www.iss.net/security_center/static/8354.php",
      },
      {
         type: "WEB",
         url: "http://www.kb.cert.org/vuls/id/936683",
      },
      {
         type: "WEB",
         url: "http://www.redhat.com/support/errata/RHSA-2002-030.html",
      },
      {
         type: "WEB",
         url: "http://www.securityfocus.com/bid/4230",
      },
   ],
   schema_version: "1.4.0",
   severity: [],
}

fkie_cve-2001-1377

Vulnerability from fkie_nvd

Published

2002-03-04 05:00

Modified

2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc
cve@mitre.org	http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
cve@mitre.org	http://marc.info/?l=bugtraq&m=101537153021792&w=2
cve@mitre.org	http://www.cert.org/advisories/CA-2002-06.html	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.iss.net/security_center/static/8354.php	Patch, Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/936683	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-030.html
cve@mitre.org	http://www.securityfocus.com/bid/4230	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=101537153021792&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-2002-06.html	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/8354.php	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/936683	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-030.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/4230	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
freeradius	freeradius	0.2
freeradius	freeradius	0.3
gnu	radius	0.92.1
gnu	radius	0.93
gnu	radius	0.94
gnu	radius	0.95
icradius	icradius	0.14
icradius	icradius	0.15
icradius	icradius	0.16
icradius	icradius	0.17
icradius	icradius	0.17b
icradius	icradius	0.18
icradius	icradius	0.18.1
livingston	radius	2.0
livingston	radius	2.0.1
livingston	radius	2.1
lucent	radius	2.0
lucent	radius	2.0.1
lucent	radius	2.1
miquel_van_smoorenburg_cistron	radius	1.6.1
miquel_van_smoorenburg_cistron	radius	1.6.2
miquel_van_smoorenburg_cistron	radius	1.6.3
miquel_van_smoorenburg_cistron	radius	1.6.4
miquel_van_smoorenburg_cistron	radius	1.6.5
miquel_van_smoorenburg_cistron	radius	1.6_.0
openradius	openradius	0.8
openradius	openradius	0.9
openradius	openradius	0.9.1
openradius	openradius	0.9.2
openradius	openradius	0.9.3
radiusclient	radiusclient	0.3.1
xtradius	xtradius	1.1_pre1
xtradius	xtradius	1.1_pre2
yard_radius	yard_radius	1.0.17
yard_radius	yard_radius	1.0.18
yard_radius	yard_radius	1.0.19
yard_radius	yard_radius	1.0_pre13
yard_radius	yard_radius	1.0_pre14
yard_radius	yard_radius	1.0_pre15
yard_radius_project	yard_radius	1.0.16

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AEDD86F-92B9-43EC-80E3-54010E249FC6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "BFDB110B-4057-4BA4-993A-9DA14888A093",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:gnu:radius:0.92.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5B0DFDC-913E-4358-9BF1-6AA1F871CB4B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:gnu:radius:0.93:*:*:*:*:*:*:*",
                     matchCriteriaId: "F332DA97-B327-45E0-8948-18C2C7278757",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:gnu:radius:0.94:*:*:*:*:*:*:*",
                     matchCriteriaId: "67632403-328E-4149-B0EC-2B563DDD7FD8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:gnu:radius:0.95:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6945F8-EB40-4205-9585-3BF9A132406E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:icradius:icradius:0.14:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A28A174-45A4-4886-8C87-2D475F9ABF18",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:icradius:icradius:0.15:*:*:*:*:*:*:*",
                     matchCriteriaId: "A949E3FF-5360-4FC1-95E5-AB5080156D77",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:icradius:icradius:0.16:*:*:*:*:*:*:*",
                     matchCriteriaId: "D000F534-1BF0-40A8-BD2B-9EBAF71D6FA3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:icradius:icradius:0.17:*:*:*:*:*:*:*",
                     matchCriteriaId: "15253C62-0FCC-4699-9CC5-486F23CDD1E7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:icradius:icradius:0.17b:*:*:*:*:*:*:*",
                     matchCriteriaId: "D01B8A1D-A4EC-4B92-A9EC-BECB35185ECC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:icradius:icradius:0.18:*:*:*:*:*:*:*",
                     matchCriteriaId: "10DD81E4-732C-4F23-80A7-987FCC0511D3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:icradius:icradius:0.18.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "28A5F502-7DA3-44E2-AEFB-6D1FD7121F7C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:livingston:radius:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8C2894BE-AE8B-491C-A776-5D2821D4DFB4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:livingston:radius:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "92CD1A39-33F6-47C3-8899-286C07C9C219",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:livingston:radius:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3133364-7726-4BFA-A552-03533F762161",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:lucent:radius:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "96927B69-BA71-460B-8A59-CF3FC93C9661",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:lucent:radius:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "056AD200-84E8-4B99-863F-C1D61A6B4C7F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:lucent:radius:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FCE2BA9-35E0-410A-B9CC-C77C9D95338E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "4999A95F-9124-4585-B78C-34B8CDA87250",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "28DC815B-6648-4C3A-A66C-264EE6903CE7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "627CD710-183C-433B-9CC6-804C8A726FE4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA442BB3-4DAE-402C-8F3C-DFCA4C3EE63A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE605C8B-316E-4C04-B5D1-97A0E2719DBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6_.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "13CF26C7-90DB-46FB-AE08-936FF7C324F9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openradius:openradius:0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "15B965F5-E32D-4824-9A4B-0A2507CD167E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openradius:openradius:0.9:*:*:*:*:*:*:*",
                     matchCriteriaId: "C211927E-DE7F-450F-918B-DC3EAF6C5743",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openradius:openradius:0.9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A74F1BA-3E1A-4073-A290-C086B6388F75",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openradius:openradius:0.9.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDDB28FF-D0B4-45A4-A2E7-C56B4D660204",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openradius:openradius:0.9.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5263133F-0C92-4C16-B933-71AEAE9C33BC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:radiusclient:radiusclient:0.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACE414B4-5E23-4DE9-AD86-8FE51CCE723B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:xtradius:xtradius:1.1_pre1:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6713B65-D941-4DCE-AA63-FE0B408E575B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:xtradius:xtradius:1.1_pre2:*:*:*:*:*:*:*",
                     matchCriteriaId: "43B671B4-7B26-4F43-A477-1EE7F1E74245",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:yard_radius:yard_radius:1.0.17:*:*:*:*:*:*:*",
                     matchCriteriaId: "7326E7C2-F310-4820-A36D-C7045E6ED721",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:yard_radius:yard_radius:1.0.18:*:*:*:*:*:*:*",
                     matchCriteriaId: "C37D50E1-E8E1-4D07-93D2-D8DEE13872D9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:yard_radius:yard_radius:1.0.19:*:*:*:*:*:*:*",
                     matchCriteriaId: "792AB6F5-0916-482B-A868-BC41B7A6EFE1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:yard_radius:yard_radius:1.0_pre13:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4A295E4-7D6D-4906-84D4-BB80AF58422E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:yard_radius:yard_radius:1.0_pre14:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A1FEC14-198C-46D1-8F96-9D91B9733A55",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:yard_radius:yard_radius:1.0_pre15:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB2830F3-FB3A-4833-9027-B4933BA813ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:yard_radius_project:yard_radius:1.0.16:*:*:*:*:*:*:*",
                     matchCriteriaId: "95CC863F-9448-4692-AB9C-BA218D2313CF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.",
      },
   ],
   id: "CVE-2001-1377",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2002-03-04T05:00:00.000",
   references: [
      {
         source: "cve@mitre.org",
         url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc",
      },
      {
         source: "cve@mitre.org",
         url: "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html",
      },
      {
         source: "cve@mitre.org",
         url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466",
      },
      {
         source: "cve@mitre.org",
         url: "http://marc.info/?l=bugtraq&m=101537153021792&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "http://www.cert.org/advisories/CA-2002-06.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.iss.net/security_center/static/8354.php",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "http://www.kb.cert.org/vuls/id/936683",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.redhat.com/support/errata/RHSA-2002-030.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.securityfocus.com/bid/4230",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://marc.info/?l=bugtraq&m=101537153021792&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "http://www.cert.org/advisories/CA-2002-06.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.iss.net/security_center/static/8354.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "http://www.kb.cert.org/vuls/id/936683",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.redhat.com/support/errata/RHSA-2002-030.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.securityfocus.com/bid/4230",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

gsd-2001-1377

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2001-1377

Aliases

CVE-2001-1377

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2001-1377",
      description: "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.",
      id: "GSD-2001-1377",
      references: [
         "https://access.redhat.com/errata/RHSA-2002:030",
      ],
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2001-1377",
         ],
         details: "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.",
         id: "GSD-2001-1377",
         modified: "2023-12-13T01:19:02.484348Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "cve@mitre.org",
            ID: "CVE-2001-1377",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "n/a",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "n/a",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "n/a",
                  },
               ],
            },
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.",
               },
            ],
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        lang: "eng",
                        value: "n/a",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "RHSA-2002:030",
                  refsource: "REDHAT",
                  url: "http://www.redhat.com/support/errata/RHSA-2002-030.html",
               },
               {
                  name: "radius-vendor-attribute-dos(8354)",
                  refsource: "XF",
                  url: "http://www.iss.net/security_center/static/8354.php",
               },
               {
                  name: "VU#936683",
                  refsource: "CERT-VN",
                  url: "http://www.kb.cert.org/vuls/id/936683",
               },
               {
                  name: "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
                  refsource: "BUGTRAQ",
                  url: "http://marc.info/?l=bugtraq&m=101537153021792&w=2",
               },
               {
                  name: "SuSE-SA:2002:013",
                  refsource: "SUSE",
                  url: "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html",
               },
               {
                  name: "4230",
                  refsource: "BID",
                  url: "http://www.securityfocus.com/bid/4230",
               },
               {
                  name: "CLA-2002:466",
                  refsource: "CONECTIVA",
                  url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466",
               },
               {
                  name: "CA-2002-06",
                  refsource: "CERT",
                  url: "http://www.cert.org/advisories/CA-2002-06.html",
               },
               {
                  name: "FreeBSD-SN-02:02",
                  refsource: "FREEBSD",
                  url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc",
               },
            ],
         },
      },
      "nvd.nist.gov": {
         configurations: {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:icradius:icradius:0.15:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:icradius:icradius:0.16:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:livingston:radius:2.1:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:lucent:radius:2.0:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6_.0:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:openradius:openradius:0.8:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:xtradius:xtradius:1.1_pre2:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:yard_radius_project:yard_radius:1.0.16:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:gnu:radius:0.92.1:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:icradius:icradius:0.17:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:icradius:icradius:0.17b:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:lucent:radius:2.0.1:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:lucent:radius:2.1:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:openradius:openradius:0.9:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:openradius:openradius:0.9.1:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:yard_radius:yard_radius:1.0.17:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:yard_radius:yard_radius:1.0.18:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:gnu:radius:0.95:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:icradius:icradius:0.14:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:livingston:radius:2.0:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:livingston:radius:2.0.1:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.3:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.4:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.5:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:radiusclient:radiusclient:0.3.1:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:xtradius:xtradius:1.1_pre1:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:yard_radius:yard_radius:1.0_pre14:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:yard_radius:yard_radius:1.0_pre15:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:gnu:radius:0.93:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:gnu:radius:0.94:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:icradius:icradius:0.18:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:icradius:icradius:0.18.1:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.1:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.2:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:openradius:openradius:0.9.2:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:openradius:openradius:0.9.3:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:yard_radius:yard_radius:1.0.19:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:yard_radius:yard_radius:1.0_pre13:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
            ],
         },
         cve: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2001-1377",
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "en",
                     value: "Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "en",
                           value: "NVD-CWE-Other",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "VU#936683",
                     refsource: "CERT-VN",
                     tags: [
                        "Patch",
                        "Third Party Advisory",
                        "US Government Resource",
                     ],
                     url: "http://www.kb.cert.org/vuls/id/936683",
                  },
                  {
                     name: "CA-2002-06",
                     refsource: "CERT",
                     tags: [
                        "Patch",
                        "Third Party Advisory",
                        "US Government Resource",
                     ],
                     url: "http://www.cert.org/advisories/CA-2002-06.html",
                  },
                  {
                     name: "radius-vendor-attribute-dos(8354)",
                     refsource: "XF",
                     tags: [
                        "Patch",
                        "Vendor Advisory",
                     ],
                     url: "http://www.iss.net/security_center/static/8354.php",
                  },
                  {
                     name: "4230",
                     refsource: "BID",
                     tags: [
                        "Patch",
                        "Vendor Advisory",
                     ],
                     url: "http://www.securityfocus.com/bid/4230",
                  },
                  {
                     name: "FreeBSD-SN-02:02",
                     refsource: "FREEBSD",
                     tags: [],
                     url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc",
                  },
                  {
                     name: "RHSA-2002:030",
                     refsource: "REDHAT",
                     tags: [],
                     url: "http://www.redhat.com/support/errata/RHSA-2002-030.html",
                  },
                  {
                     name: "SuSE-SA:2002:013",
                     refsource: "SUSE",
                     tags: [],
                     url: "http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html",
                  },
                  {
                     name: "CLA-2002:466",
                     refsource: "CONECTIVA",
                     tags: [],
                     url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466",
                  },
                  {
                     name: "20020305 SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations",
                     refsource: "BUGTRAQ",
                     tags: [],
                     url: "http://marc.info/?l=bugtraq&m=101537153021792&w=2",
                  },
               ],
            },
         },
         impact: {
            baseMetricV2: {
               cvssV2: {
                  accessComplexity: "LOW",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  availabilityImpact: "PARTIAL",
                  baseScore: 5,
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                  version: "2.0",
               },
               exploitabilityScore: 10,
               impactScore: 2.9,
               obtainAllPrivilege: false,
               obtainOtherPrivilege: false,
               obtainUserPrivilege: false,
               severity: "MEDIUM",
               userInteractionRequired: false,
            },
         },
         lastModifiedDate: "2018-10-30T16:25Z",
         publishedDate: "2002-03-04T05:00Z",
      },
   },
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2001-1377 (GCVE-0-2001-1377)

Vulnerability from cvelistv5

ghsa-365r-qwgj-mv9r

Vulnerability from github

fkie_cve-2001-1377

Vulnerability from fkie_nvd

gsd-2001-1377

Vulnerability from gsd

Tags

Sightings

Nomenclature