The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Radius | Gnu | 1.1 (including) | 1.1 (including) |