Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-2220HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-2220
2022-10-0316:14:59
Debian Security Bug Tracker
security-tracker.debian.org
11
buffer overflow
radius extension
php
denial of service
arbitrary code
remote attackers
vendor specific attributes
vsa length
unix
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.02 Low
EPSS
Percentile
88.8%
Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | php-radius | < 1.2.5-2.4 | php-radius_1.2.5-2.4_all.deb |
| Debian | 10 | all | php-radius | < 1.2.5-2.4 | php-radius_1.2.5-2.4_all.deb |
Related
nessus
nessus
Mandriva Linux Security Advisory : php-radius (MDVSA-2013:192)
2013-07-03 00:00:00
Debian DSA-2726-1 : php-radius - buffer overflow
2013-07-28 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0206)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-2726-1)
2013-07-24 00:00:00
Debian Security Advisory DSA 2726-1 (php-radius - buffer overflow)
2013-07-25 00:00:00
cve
cve
CVE-2013-2220
2022-10-03 16:14:59
ubuntucve
ubuntucve
CVE-2013-2220
2013-07-31 00:00:00
osv
osv
php-radius - buffer overflow
2013-07-25 00:00:00
prion
prion
Buffer overflow
2013-07-31 13:20:00
mageia
mageia
Updated php-radius packages fix CVE-2013-2220
2013-07-09 22:33:38
debian
debian
[SECURITY] [DSA 2726-1] php-radius security update
2013-07-25 18:00:42
securityvulns
securityvulns
php-radius buffer overflow
2013-07-08 00:00:00
[ MDVSA-2013:192 ] php-radius
2013-07-08 00:00:00
cvelist
cvelist
CVE-2013-2220
2022-10-03 16:14:59
nvd
nvd
CVE-2013-2220
2013-07-31 13:20:27
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.02 Low
EPSS
Percentile
88.8%
Related for DEBIANCVE:CVE-2013-2220