Lucene search
Ubuntu.comUB:CVE-2014-2015HistoryFeb 21, 2014 - 12:00 a.m.
CVE-2014-2015
2014-02-2100:00:00
ubuntu.com
ubuntu.com
6
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.5%
Stack-based buffer overflow in the normify function in the rlm_pap module
(modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier,
and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a
denial of service (crash) and possibly execute arbitrary code via a long
password hash, as demonstrated by an SSHA hash.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | freeradius | < 2.1.8+dfsg-1ubuntu1.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | freeradius | < 2.1.10+dfsg-3ubuntu0.12.04.2 | UNKNOWN |
| ubuntu | 12.10 | noarch | freeradius | < 2.1.12+dfsg-1.1ubuntu0.1 | UNKNOWN |
| ubuntu | 13.10 | noarch | freeradius | < 2.1.12+dfsg-1.2ubuntu5.1 | UNKNOWN |
Related
fedora
fedora
[SECURITY] Fedora 19 Update: freeradius-2.2.3-7.fc19
2014-03-09 04:41:41
[SECURITY] Fedora 20 Update: freeradius-3.0.1-4.fc20
2014-03-09 04:37:28
nessus
nessus
Amazon Linux AMI : freeradius (ALAS-2015-581)
2015-08-18 00:00:00
openSUSE Security Update : freeradius-server (openSUSE-SU-2014:0343-1)
2014-06-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:06:49
openvas
openvas
Fedora Update for freeradius FEDORA-2014-3184
2014-03-12 00:00:00
Gentoo Security Advisory GLSA 201406-12
2015-09-29 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-581)
2015-09-08 00:00:00
mageia
mageia
Updated freeradius package fixes security vulnerability
2014-02-21 22:13:26
centos
centos
freeradius security update
2015-07-26 14:11:15
amazon
amazon
Medium: freeradius
2015-08-17 12:30:00
prion
prion
Stack overflow
2014-11-02 00:55:00
cvelist
cvelist
CVE-2014-2015
2014-11-02 00:00:00
redhat
redhat
oraclelinux
oraclelinux
freeradius security, bug fix, and enhancement update
2015-07-28 00:00:00
gentoo
gentoo
FreeRADIUS: Arbitrary code execution
2014-06-15 00:00:00
debiancve
debiancve
CVE-2014-2015
2014-11-02 00:55:00
cve
cve
CVE-2014-2015
2014-11-02 00:55:00
securityvulns
securityvulns
FreeRADIUS security vulnerabilities
2014-02-28 00:00:00
[USN-2122-1] FreeRADIUS vulnerabilities
2014-02-28 00:00:00
ubuntu
ubuntu
FreeRADIUS vulnerabilities
2014-02-26 00:00:00
debian
debian
[SECURITY] [DLA 977-1] freeradius security update
2017-06-05 16:33:27
osv
osv
freeradius - security update
2017-06-05 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.5%
Related for UB:CVE-2014-2015