[email protected]CVE-2005-1455

HistoryMay 19, 2005 - 4:00 a.m.

CVE-2005-1455

2005-05-1904:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-1455

buffer overflow

sql module

freeradius

denial of service

nvd

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.7%

JSON

Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash).

CPENameOperatorVersion
freeradius:freeradiusfreeradiuseq1.0.2

CPE	Name	Operator	Version
freeradius:freeradius	freeradius	eq	1.0.2

References

www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html

www.freeradius.org/security.html

www.gentoo.org/security/en/glsa/glsa-200505-13.xml

www.novell.com/linux/security/advisories/2005_14_sr.html

www.redhat.com/support/errata/RHSA-2005-524.html

www.securityfocus.com/bid/13541

www.securitytracker.com/alerts/2005/May/1013909.html

exchange.xforce.ibmcloud.com/vulnerabilities/20450

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9579

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.7%

JSON

Related for CVE-2005-1455

cvelist1 ubuntucve1 debiancve1 redhat1 nessus5 openvas6 gentoo1 centos1 freebsd1