Filtered by vendor Gnu Subscriptions
Filtered by product Radius Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-1377 12 Freeradius, Gnu, Icradius and 9 more 12 Freeradius, Radius, Icradius and 9 more 2024-08-08 N/A
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.
CVE-2001-1376 13 Ascend, Freeradius, Gnu and 10 more 13 Radius, Freeradius, Radius and 10 more 2024-08-08 N/A
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.
CVE-2004-0849 1 Gnu 1 Radius 2024-08-08 N/A
Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.
CVE-2004-0576 1 Gnu 1 Radius 2024-08-08 N/A
The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing an invalid OID.
CVE-2004-0131 1 Gnu 1 Radius 2024-08-08 N/A
The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference.
CVE-2006-4181 1 Gnu 1 Radius 2024-08-07 N/A
Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors.