9 matches found
CVE-2013-2220
Buffer overflow in the radiusgetvendorattr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large Vendor Specific Attributes VSA length value...
CVE-2013-2220
The CVE-2013-2220 entry describes a buffer overflow in the Radius extension for PHP (before version 1.2.7) affecting the radius_get_vendor_attr function when processing large Vendor Specific Attributes (VSA). The underlying issue is an assumption that VSA lengths are valid, which can be exploited...
Debian DSA-2726-1 : php-radius - buffer overflow
A buffer overflow has been discovered in the Radius extension for PHP. The function handling Vendor Specific Attributes assumed that the attributes given would always be of valid length. An attacker could use this assumption to trigger a buffer overflow. %NASLMINLEVEL 70300 C Tenable Network...
[SECURITY] [DSA 2726-1] php-radius security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2726-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 25, 2013 http://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-2726-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2013-0206 Updated php-radius packages fix CVE-2013-2220
Updated php-radius package fixes security vulnerability: Fix a security issue in radiusgetvendorattr by enforcing checks of the VSA length field against the buffer size CVE-2013-2220...
Updated php-radius packages fix CVE-2013-2220
Updated php-radius package fixes security vulnerability: Fix a security issue in radiusgetvendorattr by enforcing checks of the VSA length field against the buffer size CVE-2013-2220...
[ MDVSA-2013:192 ] php-radius
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:192 http://www.mandriva.com/en/support/security/ Package : php-radius Date : July 2, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A security vulnerability was discovered and...
Mandriva Linux Security Advisory : php-radius (MDVSA-2013:192)
A security vulnerability was discovered and fixed in php-radius. Fix a security issue in radiusgetvendorattr by enforcing checks of the VSA length field against the buffer size CVE-2013-2220. The updated packages have been upgraded to the 1.2.7 version which is not affected by this issue...