Lucene search
HistoryDec 15, 2003 - 5:00 a.m.
CVE-2003-0967
freeradius
remote attack
denial of service
cve-2003-0967
security vulnerability
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.008 Low
EPSS
Percentile
82.0%
rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute.
| CPE | Name | Operator | Version |
|---|---|---|---|
| freeradius:freeradius | freeradius | le | 0.9.2 |
Related
redhat
redhat
(RHSA-2003:386) freeradius security update
2003-12-10 00:00:00
nessus
nessus
RHEL 3 : freeradius (RHSA-2003:386)
2004-07-06 00:00:00
RHEL 5 : freeradius (RHSA-2009:1451)
2009-09-18 00:00:00
Scientific Linux Security Update : freeradius on SL5.x i386/x86_64
2012-08-01 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200311-04 (FreeRADIUS)
2008-09-24 00:00:00
RedHat Security Advisory RHSA-2009:1451
2009-09-21 00:00:00
FreeBSD Ports: freeradius
2009-12-30 00:00:00
cvelist
cvelist
CVE-2003-0967
2003-12-02 05:00:00
CVE-2009-3111
2009-09-09 18:00:00
ubuntucve
ubuntucve
CVE-2003-0967
2003-12-15 00:00:00
CVE-2009-3111
2009-09-09 00:00:00
debiancve
debiancve
CVE-2003-0967
2003-12-15 05:00:00
CVE-2009-3111
2009-09-09 18:30:00
prion
prion
Design/Logic Flaw
2009-09-09 18:30:00
securityvulns
securityvulns
[ MDVSA-2009:226 ] freeradius
2009-09-10 00:00:00
cve
cve
CVE-2009-3111
2009-09-09 18:30:00
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.008 Low
EPSS
Percentile
82.0%
Related for CVE-2003-0967