Lucene search
+L

1822 matches found

cve
cve
added 2004/09/01 4:0 a.m.96 views

CVE-2003-0093

The CVE-2003-0093 entry concerns tcpdump 3.6.2 and earlier, where the RADIUS packet decoder can crash the process by processing an invalid RADIUS packet with a header length field of 0. This condition causes tcpdump to enter an infinite loop, yielding a denial of service. Connected documents (e.g...

5CVSS6.3AI score0.01972EPSS
Exploits1References7Affected Software1
cve
cve
added 2004/09/01 4:0 a.m.54 views

CVE-2004-0131

The CVE refers to GNU Radius radiusd (daemon) prior to 1.2. The vulnerability is triggered by a UDP packet containing an Acct-Status-Type attribute without a value and without an Acct-Session-Id attribute, causing a null dereference and a denial of service. Affected component: logger.c in rad_pri...

5CVSS7AI score0.03542EPSS
Exploits0References7Affected Software1
cve
cve
added 2004/09/01 4:0 a.m.46 views

CVE-2001-1081

Vulnerability details: CVE-2001-1081 concerns Livingston/Lucent RADIUS prior to 2.1.va.1, where format string vulnerabilities in log message handling can allow local or remote attackers to cause a denial of service and potentially execute arbitrary code via crafted format specifiers. The provided...

7.5CVSS8.2AI score0.02782EPSS
Exploits0References4Affected Software2
debiancve
debiancve
added 2004/09/01 4:0 a.m.55 views

CVE-2003-0093

The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service crash via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop...

5CVSS5.2AI score0.01972EPSS
Exploits1
cvelist
cvelist
added 2004/09/01 4:0 a.m.33 views

CVE-2003-0093

The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service crash via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop...

6.2AI score0.01972EPSS
Exploits1References7
debiancve
debiancve
added 2004/09/01 4:0 a.m.34 views

CVE-2003-0145

Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service infinite loop, a different vulnerability than CAN-2003-0093...

5CVSS5.4AI score0.01898EPSS
Exploits0
cvelist
cvelist
added 2004/09/01 4:0 a.m.21 views

CVE-2001-1081

Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages...

7.8AI score0.02782EPSS
Exploits0References4
nessus
nessus
added 2004/08/20 12:0 a.m.17 views

RADIUS Server Failed Login Detection

Binary data 1145.prm...

7.3AI score
Exploits0
nessus
nessus
added 2004/07/31 12:0 a.m.33 views

Mandrake Linux Security Advisory : ethereal (MDKSA-2004:024)

A number of serious issues have been discovered in versions of Ethereal prior to 0.10.2. Stefan Esser discovered thirteen buffer overflows in the NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP dissectors. Jonathan Heusser discovered that a carefully-crafted RADIUS packet could cause Etherea...

7.5CVSS5.8AI score0.67092EPSS
Exploits0References4
nessus
nessus
added 2004/07/23 12:0 a.m.36 views

Fedora Core 1 : tcpdump-3.7.2-7.fc1.1 (2004-090)

Updated tcpdump, libpcap, and arpwatch packages fix vulnerabilities in ISAKMP and RADIUS parsing. Tcpdump is a command-line tool for monitoring network traffic. George Bakos discovered flaws in the ISAKMP decoding routines of tcpdump versions prior to 3.8.1. The Common Vulnerabilities and Exposur...

7.5CVSS5.7AI score0.05275EPSS
Exploits1References4
nessus
nessus
added 2004/07/06 12:0 a.m.29 views

FreeBSD : L2TP, ISAKMP, and RADIUS parsing vulnerabilities in tcpdump (192)

The following package needs to be updated: tcpdump %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg96ba2dae4ab011d896f20020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

6.5AI score0.0992EPSS
Exploits0References23
nessus
nessus
added 2004/07/06 12:0 a.m.36 views

RHEL 2.1 / 3 : tcpdump (RHSA-2004:008)

Updated tcpdump, libpcap, and arpwatch packages fix vulnerabilities in ISAKMP and RADIUS parsing. Updated 15 Jan 2004 Updated the text description to better describe the vulnerabilities found by Jonathan Heusser and give them CVE names. Tcpdump is a command-line tool for monitoring network traffi...

7.5CVSS5.7AI score0.05275EPSS
Exploits1References8
nessus
nessus
added 2004/07/06 12:0 a.m.40 views

RHEL 2.1 : tcpdump (RHSA-2003:151)

Updated tcpdump packages that fix an infinite loop vulnerability and drop privileges on startup are now available. Tcpdump is a command-line tool for monitoring network traffic. A vulnerability exists in tcpdump before 3.7.2 and is related to an inability to handle unknown RADIUS attributes...

5CVSS5.7AI score0.01898EPSS
Exploits0References6
nessus
nessus
added 2004/07/06 12:0 a.m.38 views

RHEL 3 : freeradius (RHSA-2003:386)

Updated FreeRADIUS packages are now available that fix a denial of service vulnerability. FreeRADIUS is an Internet authentication daemon, which implements the RADIUS protocol. It allows Network Access Servers NAS boxes to perform authentication for dial-up users. The raddecode function in...

5CVSS5.3AI score0.04638EPSS
Exploits0References4
cvelist
cvelist
added 2004/06/30 4:0 a.m.24 views

CVE-2004-0576

The radius daemon radiusd for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service server crash via malformed SNMP messages containing an invalid OID...

6.6AI score0.01574EPSS
Exploits0References3
cve
cve
added 2004/06/30 4:0 a.m.53 views

CVE-2004-0576

The CVE-2004-0576 issue affects GNU Radius 1.1 when built with the -enable-snmp option. The underlying vulnerability is in the SNMP message handling code, where a malformed SNMP packet containing an invalid OID can cause the radiusd service to crash, enabling remote denial-of-service exploitation...

5CVSS6.6AI score0.01574EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2004/06/23 12:0 a.m.46 views

[Full-Disclosure] iDEFENSE Security Advisory 06.21.04 - GNU Radius SNMP Invalid OID Denial of Service Vulnerability

GNU Radius SNMP Invalid OID Denial of Service Vulnerability iDEFENSE Security Advisory 06.21.04 www.idefense.com/application/poi/display?id=110&type=vulnerabilities June 21, 2004 I. BACKGROUND Radius is a server for remote user authentication and accounting. More information about Radius is...

5CVSS0.8AI score0.01574EPSS
Exploits0
securityvulns
securityvulns
added 2004/06/23 12:0 a.m.42 views

GNU RADIUS SNMP DoS

SNMP packet with invalid oid causes server to crash...

2.4AI score
Exploits0References1Affected Software1
nvd
nvd
added 2004/05/04 4:0 a.m.19 views

CVE-2004-0365

The dissectattributevaluepairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of service crash via a malformed RADIUS packet that triggers a null dereference...

7.5CVSS7.3AI score0.05891EPSS
Exploits0References15
redhat
redhat
added 2004/03/30 5:6 p.m.12 views

security flaw

The dissectattributevaluepairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of service crash via a malformed RADIUS packet that triggers a null dereference...

7.5CVSS5.9AI score0.05891EPSS
Exploits0References4
Rows per page
Query Builder