CVE-2006-4181 | Vulnerability Database | Aqua Security

Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors.

Affected Software

Name	Vendor	Start Version	End Version
Radius	Gnu	1.2 (including)	1.2 (including)
Radius	Gnu	1.3 (including)	1.3 (including)

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=443
http://secunia.com/advisories/23087
http://security.gentoo.org/glsa/glsa-200612-17.xml
http://securitytracker.com/id?1017285
http://www.securityfocus.com/bid/21303
http://www.vupen.com/english/advisories/2006/4712
https://exchange.xforce.ibmcloud.com/vulnerabilities/30508
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=443
http://secunia.com/advisories/23087
http://security.gentoo.org/glsa/glsa-200612-17.xml
http://securitytracker.com/id?1017285
http://www.securityfocus.com/bid/21303
http://www.vupen.com/english/advisories/2006/4712
https://exchange.xforce.ibmcloud.com/vulnerabilities/30508

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-4181
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html