CVSS: 9.8EPSS: 27%CPEs: 15EXPL: 0CVE-2017-10984 – freeradius: Out-of-bounds write in data2vp_wimax()
https://notcve.org/view.php?id=CVE-2017-10984
17 Jul 2017 — An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code. Un problema FR-GV-301 en FreeRADIUS versión 3.x anterior a 3.0.15, permite un "Write overflow in data2vp_wimax()" - esto permite a los atacantes remotos causar una denegación de servicio (bloqueo del demonio) o posiblemente ejecutar código arbitrario. An out-of-bounds write flaw was found in the way FreeRA... • http://freeradius.org/security/fuzzer-2017.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 2%CPEs: 15EXPL: 0CVE-2017-10985 – freeradius: Infinite loop and memory exhaustion with 'concat' attributes
https://notcve.org/view.php?id=CVE-2017-10985
17 Jul 2017 — An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service. Un problema FR-GV-302 en FreeRADIUS versión 3.x anterior a 3.0.15, permite un "Infinite loop and memory exhaustion with 'concat' attributes" y una denegación de servicio. A denial of service flaw was found in the way FreeRADIUS server handled certain attributes in request packets. A remote attacker could use this flaw to cause the FreeRADIUS server to enter an inf... • http://freeradius.org/security/fuzzer-2017.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 2%CPEs: 15EXPL: 0CVE-2017-10986 – freeradius: Infinite read in dhcp_attr2vp()
https://notcve.org/view.php?id=CVE-2017-10986
17 Jul 2017 — An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()" and a denial of service. Un problema FR-GV-303 en FreeRADIUS versión 3.x anterior a 3.0.15, permite una "DHCP - Infinite read in dhcp_attr2vp()" y una denegación de servicio. An out-of-bounds read flaw was found in the way FreeRADIUS server handled decoding of DHCP packets. A remote attacker could use this flaw to crash the FreeRADIUS server by sending a specially crafted DHCP request. FreeRADIUS is a high-per... • http://freeradius.org/security/fuzzer-2017.html • CWE-125: Out-of-bounds Read CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 2%CPEs: 15EXPL: 0CVE-2017-10987 – freeradius: Buffer over-read in fr_dhcp_decode_suboptions()
https://notcve.org/view.php?id=CVE-2017-10987
17 Jul 2017 — An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service. Un problema FR-GV-304 en FreeRADIUS versión 3.x anterior a 3.0.15, permite una "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" y una denegación de servicio. An out-of-bounds read flaw was found in the way FreeRADIUS server handled decoding of DHCP packets. A remote attacker could use this flaw to crash the FreeRADIUS server by sending a specially crafted DHCP r... • http://freeradius.org/security/fuzzer-2017.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 3%CPEs: 19EXPL: 0CVE-2017-10978 – freeradius: Out-of-bounds read/write due to improper output buffer size check in make_secret()
https://notcve.org/view.php?id=CVE-2017-10978
17 Jul 2017 — An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service. Un problema FR-GV-201 en FreeRADIUS versión 2.x anterior a 2.2.10 y versión 3.x anterior a 3.0.15, permite un "Read / write overflow in make_secret()" y una denegación de servicio. An out-of-bounds read and write flaw was found in the way FreeRADIUS server handled RADIUS packets. A remote attacker could use this flaw to crash the FreeRADIUS server by sending a spe... • http://freeradius.org/security/fuzzer-2017.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 27%CPEs: 30EXPL: 0CVE-2017-10979 – freeradius: Out-of-bounds write in rad_coalesce()
https://notcve.org/view.php?id=CVE-2017-10979
17 Jul 2017 — An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in rad_coalesce()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code. Un problema FR-GV-202 en FreeRADIUS versión 2.x anterior a 2.2.10, permite un "Write overflow in rad_coalesce()" - esto permite a los atacantes remotos causar una denegación de servicio (bloqueo del demonio) o posiblemente ejecutar código arbitrario. An out-of-bounds write flaw was found in the way FreeRADI... • http://freeradius.org/security/fuzzer-2017.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 30EXPL: 0CVE-2017-10980 – freeradius: Memory leak in decode_tlv()
https://notcve.org/view.php?id=CVE-2017-10980
17 Jul 2017 — An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service. Un problema FR-GV-203 en FreeRADIUS versión 2.x anterior a 2.2.10, permite una "DHCP - Memory leak in decode_tlv()" y una denegación de servicio. A memory leak flaw was found in the way FreeRADIUS server handles decoding of DHCP packets. A remote attacker could use this flaw to cause the FreeRADIUS server to consume an increasing amount of memory resources over time possibly leading to a c... • http://freeradius.org/security/fuzzer-2017.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 1%CPEs: 30EXPL: 0CVE-2017-10981 – freeradius: Memory leak in fr_dhcp_decode()
https://notcve.org/view.php?id=CVE-2017-10981
17 Jul 2017 — An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service. Un problema FR-GV-204 en FreeRADIUS versión 2.x anterior a 2.2.10, permite una "DHCP - Memory leak in fr_dhcp_decode()" y una denegación de servicio. A memory leak flaw was found in the way FreeRADIUS server handles decoding of DHCP packets. A remote attacker could use this flaw to cause the FreeRADIUS server to consume an increasing amount of memory resources over time, possibly leadi... • http://freeradius.org/security/fuzzer-2017.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 2%CPEs: 30EXPL: 0CVE-2017-10982 – freeradius: Out-of-bounds read in fr_dhcp_decode_options()
https://notcve.org/view.php?id=CVE-2017-10982
17 Jul 2017 — An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service. Un problema FR-GV-205 en FreeRADIUS versión 2.x anterior a 2.2.10, permite una "DHCP - Buffer over-read in fr_dhcp_decode_options()" y una denegación de servicio. An out-of-bounds read flaw was found in the way FreeRADIUS server handles decoding of DHCP packets. A remote attacker could use this flaw to crash the FreeRADIUS server by sending a specially crafted DHCP request... • http://freeradius.org/security/fuzzer-2017.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 3%CPEs: 45EXPL: 0CVE-2017-10983 – freeradius: Out-of-bounds read in fr_dhcp_decode() when decoding option 63
https://notcve.org/view.php?id=CVE-2017-10983
17 Jul 2017 — An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service. Un problema FR-GV-206 en FreeRADIUS versión 2.x anterior a 2.2.10 y versión 3.x anterior a 3.0.15, permite una "DHCP - Read overflow when decoding option 63" y una denegación de servicio. An out-of-bounds read flaw was found in the way FreeRADIUS server handled decoding of DHCP packets. A remote attacker could use this flaw to crash the FreeRADIUS server by ... • http://freeradius.org/security/fuzzer-2017.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •