Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freeradius freeradius 0.9.3 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2003-0968
Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and previous versions allows remote malicious users to execute arbitrary code via a long User-Password attribute.
7.5
CVSSv2
CVE-2001-1376
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote malicious users to cause a denial of service and possibly execute arbitrary code via shared secret data.
Gnu Radius 0.95
Icradius Icradius 0.14
Livingston Radius 2.0
Livingston Radius 2.0.1
Livingston Radius 2.1
Miquel Van Smoorenburg Cistron Radius 1.6.4
Miquel Van Smoorenburg Cistron Radius 1.6.5
Radiusclient Radiusclient 0.3.1
Xtradius Xtradius 1.1 Pre1
Ascend Radius 1.16
Freeradius Freeradius 0.2
Icradius Icradius 0.15
Icradius Icradius 0.16
Lucent Radius 2.0
Lucent Radius 2.0.1
Miquel Van Smoorenburg Cistron Radius 1.6 .0
Openradius Openradius 0.8
Yard Radius Project Yard Radius 1.0.16
Yard Radius Yard Radius 1.0.17
Gnu Radius 0.93
Gnu Radius 0.94
Icradius Icradius 0.18
6
CVSSv2
CVE-2011-4966
modules/rlm_unix/rlm_unix.c in FreeRADIUS prior to 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.
Freeradius Freeradius 2.1.4
Freeradius Freeradius 2.1.12
Freeradius Freeradius 0.2
Freeradius Freeradius 0.4
Freeradius Freeradius 1.0.1
Freeradius Freeradius 1.0.2
Freeradius Freeradius 1.1.3
Freeradius Freeradius 1.1.5
Freeradius Freeradius 2.1.2
Freeradius Freeradius
Freeradius Freeradius 2.1.3
Freeradius Freeradius 0.1
Freeradius Freeradius 2.0.4
Freeradius Freeradius 2.1.9
Freeradius Freeradius 0.8.1
Freeradius Freeradius 0.9.3
Freeradius Freeradius 1.0.0
Freeradius Freeradius 0.9.1
Freeradius Freeradius 1.1.2
Freeradius Freeradius 1.1.4
Freeradius Freeradius 1.1.8
Freeradius Freeradius 0.6
5
CVSSv2
CVE-2009-3111
The rad_decode function in FreeRADIUS prior to 1.1.8 allows remote malicious users to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 up to and including 8.11. NOTE: this ...
Freeradius Freeradius 0.2
Freeradius Freeradius 0.4
Freeradius Freeradius 1.0.3
Freeradius Freeradius 1.0.4
Freeradius Freeradius
Freeradius Freeradius 1.0.2
Freeradius Freeradius 0.9
Freeradius Freeradius 0.8.1
Freeradius Freeradius 1.1.5
Freeradius Freeradius 1.0.5
Freeradius Freeradius 0.3
Freeradius Freeradius 0.8
Freeradius Freeradius 0.5
Freeradius Freeradius 1.0.1
Freeradius Freeradius 1.1.3
Freeradius Freeradius 0.9.1
Freeradius Freeradius 0.9.2
Freeradius Freeradius 0.9.3
Freeradius Freeradius 1.0.0
Freeradius Freeradius 1.1.0
Freeradius Freeradius 1.1.6
1 EDB exploit
5
CVSSv2
CVE-2004-0960
FreeRADIUS prior to 1.0.1 allows remote malicious users to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.
Freeradius Freeradius 0.3
Freeradius Freeradius 0.4
Freeradius Freeradius 0.9.3
Freeradius Freeradius 1.0.0
Freeradius Freeradius 0.5
Freeradius Freeradius 0.8
Freeradius Freeradius 0.8.1
Freeradius Freeradius 0.9
Freeradius Freeradius 0.2
Freeradius Freeradius 0.9.1
Freeradius Freeradius 0.9.2
Redhat Enterprise Linux 3.0
Redhat Fedora Core Core 2.0
5
CVSSv2
CVE-2004-0961
Memory leak in FreeRADIUS prior to 1.0.1 allows remote malicious users to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes.
Freeradius Freeradius 0.4
Freeradius Freeradius 0.5
Freeradius Freeradius 1.0.0
Freeradius Freeradius 0.8
Freeradius Freeradius 0.8.1
Freeradius Freeradius 0.9
Freeradius Freeradius 0.9.1
Freeradius Freeradius 0.2
Freeradius Freeradius 0.3
Freeradius Freeradius 0.9.2
Freeradius Freeradius 0.9.3
Redhat Enterprise Linux 3.0
Redhat Fedora Core Core 2.0
5
CVSSv2
CVE-2001-1377
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote malicious users to cause a denial of service (crash) via a Vendor-Length that is less than 2.
Freeradius Freeradius 0.2
Icradius Icradius 0.15
Icradius Icradius 0.16
Livingston Radius 2.1
Lucent Radius 2.0
Miquel Van Smoorenburg Cistron Radius 1.6 .0
Openradius Openradius 0.8
Xtradius Xtradius 1.1 Pre2
Yard Radius Project Yard Radius 1.0.16
Freeradius Freeradius 0.3
Gnu Radius 0.92.1
Icradius Icradius 0.17
Icradius Icradius 0.17b
Lucent Radius 2.0.1
Lucent Radius 2.1
Openradius Openradius 0.9
Openradius Openradius 0.9.1
Yard Radius Yard Radius 1.0.17
Yard Radius Yard Radius 1.0.18
Gnu Radius 0.95
Icradius Icradius 0.14
Livingston Radius 2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started