GNU Radius < 1.2.94 SNMP Request Remote DoS

Binary data 2299.prm...

CVE-2004-0849

The CVE-2004-0849 issue affects GNU Radius radiusd (versions 1.1 and 1.2 prior to 1.2.94) where an integer overflow in asn_decode_string() (snmplib/asn1.c) can crash the daemon via crafted SNMP requests when built with --enable-snmp. The vulnerability is triggered by very large unsigned values in...

CVE-2004-0849

Integer overflow in the asndecodestring function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service daemon crash via certain SNMP requests...

iDEFENSE Security Advisory 09.15.04: GNU Radius SNMP String Length Integer Overflow Denial of Service Vulnerability

GNU Radius SNMP String Length Integer Overflow Denial of Service Vulnerability iDEFENSE Security Advisory 09.15.04 www.idefense.com/application/poi/display?id=141&type=vulnerabilities September 15, 2004 I. BACKGROUND Radius is used for remote user authentication and accounting. For more informati...

CVE-2004-0131

The radprintrequest function in logger.c for GNU Radius daemon radiusd before 1.2 allows remote attackers to cause a denial of service crash via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference...

CVE-2004-0131

The CVE refers to GNU Radius radiusd (daemon) prior to 1.2. The vulnerability is triggered by a UDP packet containing an Acct-Status-Type attribute without a value and without an Acct-Session-Id attribute, causing a null dereference and a denial of service. Affected component: logger.c in rad_pri...

CVE-2004-0576

The CVE-2004-0576 issue affects GNU Radius 1.1 when built with the -enable-snmp option. The underlying vulnerability is in the SNMP message handling code, where a malformed SNMP packet containing an invalid OID can cause the radiusd service to crash, enabling remote denial-of-service exploitation...

CVE-2004-0576

The radius daemon radiusd for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service server crash via malformed SNMP messages containing an invalid OID...

GNU RADIUS SNMP DoS

SNMP packet with invalid oid causes server to crash...

[Full-Disclosure] iDEFENSE Security Advisory 06.21.04 - GNU Radius SNMP Invalid OID Denial of Service Vulnerability

GNU Radius SNMP Invalid OID Denial of Service Vulnerability iDEFENSE Security Advisory 06.21.04 www.idefense.com/application/poi/display?id=110&type=vulnerabilities June 21, 2004 I. BACKGROUND Radius is a server for remote user authentication and accounting. More information about Radius is...

CVE-2004-0131

The radprintrequest function in logger.c for GNU Radius daemon radiusd before 1.2 allows remote attackers to cause a denial of service crash via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference...

iDEFENSE Security Advisory 02.04.04: GNU Radius Remote Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 02.04.04 GNU Radius Remote Denial of Service Vulnerability http://www.idefense.com/application/poi/display?id=71 February 4, 2004 I. BACKGROUND Radius is a server for remote user authentication and accounting. More informati...

GNU Radius DoS

NULL reference on empty Acct-Session-Id attribute...

GNU Radius accounting service fails to properly handle exceptional Acct-Status-Type and Acct-Session-Id attributes

Overview The GNU Radius accounting service fails to properly handle packets with exceptional Acct-Status-Type and Acct-Session-Id attributes. Description GNU Radius is a software package used for remote user authentication and accounting. There is a vulnerability in the way the radprintrequest...