4 matches found
CVE-2001-1376
CVE-2001-1376 describes a buffer overflow in the RADIUS digest calculation function across multiple implementations. The overflow occurs while concatenating the shared secret with the received packet during digest computation, enabling remote denial of service and, in some cases, arbitrary code e...
CVE-2001-1377
CVE-2001-1377 affects multiple RADIUS implementations that fail to validate the Vendor-Length of Vendor-Specific attributes, enabling a remote attacker to crash the server when Vendor-Length
CVE-2004-0987
CVE-2004-0987 refers to a buffer overflow in yardradius 1.0.20 (process_menu) that allows remote arbitrary code execution. Debian DSA-598-1 fixes this in yardradius 1.0.20-2woody1 (stable Woody) and 1.0.20-15 (sid). The vulnerability is remote and can give root context; upgrade to the fixed packa...
CVE-2013-4147
CVE-2013-4147 affects Yet Another Radius Daemon (YARD RADIUS) 1.1.2, with multiple format-string vulnerabilities in log_msg (log.c) and version/build_version (version.c) that can cause a crash or potentially allow arbitrary code execution. An exploit exists per CIRCL/Xploit-DB linkage, indicating...