5 results (0.008 seconds)

CVSS: 5.0EPSS: 0%CPEs: 40EXPL: 0

Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466 http://marc.info/?l=bugtraq&m=101537153021792&w=2 http://www.cert.org/advisories/CA-2002-06.html http://www.iss.net/security_center/static/8354.php http://www.kb.cert.org/vuls/id/936683 http://www.redhat.com/support/errata/RHSA-2002-030.html http://www&# •

CVSS: 7.5EPSS: 3%CPEs: 40EXPL: 0

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data. • http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466 http://marc.info/?l=bugtraq&m=101537153021792&w=2 http://online.securityfocus.com/archive/1/239784 http://www.cert.org/advisories/CA-2002-06.html http://www.kb.cert.org/vuls/id/589523 http://www.redhat.com/support/errata/RHSA-2002-030.html http://www.securityfocus.com/bid/3530 https://exchange.xforce.ibmcloud.com/vulnerabilities/7534 •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b and (2) Lucent 2.1-2 RADIUS allow remote attackers to cause a denial of service or execute arbitrary commands. • http://www.kb.cert.org/vuls/id/898931 http://www.securityfocus.com/bid/2989 http://xforce.iss.net/alerts/alerts.php •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to read arbitrary files via a .. (dot dot) attack. • http://freshmeat.net/releases/52020 •

CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0

Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages. • http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0009.html http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html http://freshmeat.net/releases/52020 http://www.securityfocus.com/bid/2994 •