FreeRadius EAP-PWD module buffer overflow vulnerability (CNVD-2016-00367)

FreeRadius is a suite of software that implements the RADIUS protocol from the FreeRADIUS Server project. The EAP-PWD module of FreeRadius uses the 'strcpy' function to encapsulate C strings into EAP-PWD packets, allowing remote attackers to exploit vulnerabilities by submitting special requests ...

CVE-2013-0191

libpam-pgsql aka pampgsql 0.7 does not properly handle a NULL value returned by the password search query, which allows remote attackers to bypass authentication via a crafted password...