Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freeradius freeradius 1.0.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2006-1354
Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote malicious users to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module.
Freeradius Freeradius 1.0.5
Freeradius Freeradius 1.1.0
Freeradius Freeradius 1.0.0
Freeradius Freeradius 1.0.3
Freeradius Freeradius 1.0.4
Freeradius Freeradius 1.0.1
Freeradius Freeradius 1.0.2
445
VMScore
CVE-2004-0960
FreeRADIUS prior to 1.0.1 allows remote malicious users to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.
Freeradius Freeradius 0.3
Freeradius Freeradius 0.4
Freeradius Freeradius 0.9.3
Freeradius Freeradius 1.0.0
Freeradius Freeradius 0.5
Freeradius Freeradius 0.8
Freeradius Freeradius 0.8.1
Freeradius Freeradius 0.9
Freeradius Freeradius 0.2
Freeradius Freeradius 0.9.1
Freeradius Freeradius 0.9.2
Redhat Enterprise Linux 3.0
Redhat Fedora Core Core 2.0
445
VMScore
CVE-2004-0961
Memory leak in FreeRADIUS prior to 1.0.1 allows remote malicious users to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes.
Freeradius Freeradius 0.4
Freeradius Freeradius 0.5
Freeradius Freeradius 1.0.0
Freeradius Freeradius 0.8
Freeradius Freeradius 0.8.1
Freeradius Freeradius 0.9
Freeradius Freeradius 0.9.1
Freeradius Freeradius 0.2
Freeradius Freeradius 0.3
Freeradius Freeradius 0.9.2
Freeradius Freeradius 0.9.3
Redhat Enterprise Linux 3.0
Redhat Fedora Core Core 2.0
505
VMScore
CVE-2009-3111
The rad_decode function in FreeRADIUS prior to 1.1.8 allows remote malicious users to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 up to and including 8.11. NOTE: this ...
Freeradius Freeradius 0.2
Freeradius Freeradius 0.4
Freeradius Freeradius 1.0.3
Freeradius Freeradius 1.0.4
Freeradius Freeradius
Freeradius Freeradius 1.0.2
Freeradius Freeradius 0.9
Freeradius Freeradius 0.8.1
Freeradius Freeradius 1.1.5
Freeradius Freeradius 1.0.5
Freeradius Freeradius 0.3
Freeradius Freeradius 0.8
Freeradius Freeradius 0.5
Freeradius Freeradius 1.0.1
Freeradius Freeradius 1.1.3
Freeradius Freeradius 0.9.1
Freeradius Freeradius 0.9.2
Freeradius Freeradius 0.9.3
Freeradius Freeradius 1.0.0
Freeradius Freeradius 1.1.0
Freeradius Freeradius 1.1.6
1 EDB exploit
534
VMScore
CVE-2011-4966
modules/rlm_unix/rlm_unix.c in FreeRADIUS prior to 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.
Freeradius Freeradius 2.1.4
Freeradius Freeradius 2.1.12
Freeradius Freeradius 0.2
Freeradius Freeradius 0.4
Freeradius Freeradius 1.0.1
Freeradius Freeradius 1.0.2
Freeradius Freeradius 1.1.3
Freeradius Freeradius 1.1.5
Freeradius Freeradius 2.1.2
Freeradius Freeradius
Freeradius Freeradius 2.1.3
Freeradius Freeradius 0.1
Freeradius Freeradius 2.0.4
Freeradius Freeradius 2.1.9
Freeradius Freeradius 0.8.1
Freeradius Freeradius 0.9.3
Freeradius Freeradius 1.0.0
Freeradius Freeradius 0.9.1
Freeradius Freeradius 1.1.2
Freeradius Freeradius 1.1.4
Freeradius Freeradius 1.1.8
Freeradius Freeradius 0.6
445
VMScore
CVE-2004-0938
FreeRADIUS prior to 1.0.1 allows remote malicious users to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet.
Freeradius Freeradius
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started