CVSS: 7.5EPSS: 4%CPEs: 7EXPL: 0CVE-2006-1354
https://notcve.org/view.php?id=CVE-2006-1354
22 Mar 2006 — Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module. • ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1454
https://notcve.org/view.php?id=CVE-2005-1454
19 May 2005 — SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) group_membership_query, (2) simul_count_query, or (3) simul_verify_query configuration entries. • http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2005-1455
https://notcve.org/view.php?id=CVE-2005-1455
19 May 2005 — Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash). • http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0492.html •