FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Freeradius | Freeradius | 0.2 (including) | 0.2 (including) |
| Freeradius | Freeradius | 0.3 (including) | 0.3 (including) |
| Freeradius | Freeradius | 0.4 (including) | 0.4 (including) |
| Freeradius | Freeradius | 0.5 (including) | 0.5 (including) |
| Freeradius | Freeradius | 0.8 (including) | 0.8 (including) |
| Freeradius | Freeradius | 0.8.1 (including) | 0.8.1 (including) |
| Freeradius | Freeradius | 0.9 (including) | 0.9 (including) |
| Freeradius | Freeradius | 0.9.1 (including) | 0.9.1 (including) |
| Freeradius | Freeradius | 0.9.2 (including) | 0.9.2 (including) |
| Freeradius | Freeradius | 0.9.3 (including) | 0.9.3 (including) |
| Freeradius | Freeradius | 1.0.0 (including) | 1.0.0 (including) |
| Red Hat Enterprise Linux 3 | RedHat | freeradius-0:1.0.1-1.RHEL3 | * |
References
- http://security.gentoo.org/glsa/glsa-200409-29.xml
- http://www.kb.cert.org/vuls/id/541574
- http://www.securityfocus.com/bid/11222
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17440
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023
- http://security.gentoo.org/glsa/glsa-200409-29.xml
- http://www.kb.cert.org/vuls/id/541574
- http://www.securityfocus.com/bid/11222
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17440
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023