5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
61.7%
Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious
RADIUS servers to cause a denial of service (crash) via a
RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a
memcpy operation with a -1 length argument.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | libpam-radius-auth | < 1.3.16-4 | UNKNOWN |
ubuntu | 6.10 | noarch | libpam-radius-auth | < 1.3.16-4 | UNKNOWN |
ubuntu | 7.04 | noarch | libpam-radius-auth | < 1.3.16-4 | UNKNOWN |