Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDEC2F2FF5-F710-11DA-9156-000E0C2E438A
HistorySep 09, 2005 - 12:00 a.m.

freeradius -- multiple vulnerabilities

2005-09-0900:00:00
vuxml.freebsd.org
16

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.022 Low

EPSS

Percentile

89.6%

JSON

The freeradious development team reports:

Multiple issues exist with version 1.0.4, and all prior
versions of the server. Externally exploitable
vulnerabilities exist only for sites that use the
rlm_sqlcounter module. Those sites may be vulnerable to
SQL injection attacks, similar to the issues noted below.
All sites that have not deployed the rlm_sqlcounter module
are not vulnerable to external exploits.
The issues are:
SQL Injection attack in the rlm_sqlcounter module.
Buffer overflow in the rlm_sqlcounter module, that may cause
a server crash.
Buffer overflow while expanding %t, that may cause a server
crash.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchfreeradius= 1.0.0UNKNOWN
FreeBSDanynoarchfreeradius<= 1.0.4UNKNOWN

Related

cve 1
cvelist 1
nvd 1
debiancve 1
nessus 5
openvas 4
ubuntucve 1
redhat 1
osv 1
debian 1
centos 1
cve
cve
CVE-2005-4744
2006-03-28 11:00:00
cvelist
cvelist
CVE-2005-4744
2006-03-28 11:00:00
nvd
nvd
CVE-2005-4744
2005-12-31 05:00:00
debiancve
debiancve
CVE-2005-4744
2006-03-28 11:00:00
nessus
nessus
FreeBSD : freeradius -- multiple vulnerabilities (ec2f2ff5-f710-11da-9156-000e0c2e438a)
2006-06-11 00:00:00
Mandrake Linux Security Advisory : freeradius (MDKSA-2006:066)
2006-04-08 00:00:00
RHEL 3 / 4 : freeradius (RHSA-2006:0271)
2006-04-04 00:00:00
openvas
openvas
FreeBSD Ports: freeradius
2008-09-04 00:00:00
FreeBSD Ports: freeradius
2008-09-04 00:00:00
Debian: Security Advisory (DSA-1089-1)
2008-01-17 00:00:00
ubuntucve
ubuntucve
CVE-2005-4744
2005-12-31 00:00:00
redhat
redhat
(RHSA-2006:0271) freeradius security update
2006-04-04 00:00:00
osv
osv
freeradius - several vulnerabilities
2006-06-03 00:00:00
debian
debian
[SECURITY] [DSA 1089-1] New freeradius packages fix arbitrary code execution
2006-06-03 12:27:36
centos
centos
freeradius security update
2006-04-04 12:43:31

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.022 Low

EPSS

Percentile

89.6%

JSON
Related for EC2F2FF5-F710-11DA-9156-000E0C2E438A
cve1cvelist1nvd1debiancve1nessus5openvas4ubuntucve1redhat1osv1debian1centos1