CVE Vulnerabilities

CVE-2004-0849

Published: Dec 23, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the –enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.

Affected Software

Name Vendor Start Version End Version
Radius Gnu 0.92.1 (including) 0.92.1 (including)
Radius Gnu 0.93 (including) 0.93 (including)
Radius Gnu 0.94 (including) 0.94 (including)
Radius Gnu 0.95 (including) 0.95 (including)
Radius Gnu 0.96 (including) 0.96 (including)
Radius Gnu 1.1 (including) 1.1 (including)
Radius Gnu 1.2 (including) 1.2 (including)

References