New Search

rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag which causes memcpy to be called with a -1 length argument as demonstrated using the Tunnel-Password attribute.

oval:org.mitre.oval:def:10917

rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag which causes memcpy to be called with a -1 length argument as demonstrated using the Tunnel-Password attribute.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 3
  • CentOS Linux 3
Class:
vulnerability
Reference(s):
  • CVE-2003-0967
Product(s):