freeradius freeradius 0.9.3 vulnerabilities and exploits
10
CVSSv2
CVE-2003-0968
Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and previous versions allows remote malicious users to execute arbitrary code via a long User-Password attribute.
7.5
CVSSv2
CVE-2001-1376
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote malicious users to cause a denial of service and possibly execute arbitrary code via shared secret data.
Yard Radius Yard Radius 1.0 Pre15
Ascend Radius 1.16
Lucent Radius 2.0
Openradius Openradius 0.9
Openradius Openradius 0.9.3
Icradius Icradius 0.14
Gnu Radius 0.93
Icradius Icradius 0.18
Openradius Openradius 0.8
Freeradius Freeradius 0.3
Icradius Icradius 0.15
Lucent Radius 2.1
Miquel Van Smoorenburg Cistron Radius 1.6.4
Gnu Radius 0.95
Icradius Icradius 0.18.1
Xtradius Xtradius 1.1 Pre1
Lucent Radius 2.0.1
Livingston Radius 2.0.1
Icradius Icradius 0.17
Icradius Icradius 0.16
Icradius Icradius 0.17b
Gnu Radius 0.94
6
CVSSv2
CVE-2011-4966
modules/rlm_unix/rlm_unix.c in FreeRADIUS prior to 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.
Freeradius Freeradius 1.1.7
Freeradius Freeradius 1.1.8
Freeradius Freeradius 2.1.2
Freeradius Freeradius 2.1.11
Freeradius Freeradius 1.0.0
Freeradius Freeradius 0.7
Freeradius Freeradius 0.9
Freeradius Freeradius 1.1.5
Freeradius Freeradius 2.0.5
Freeradius Freeradius 2.1.1
Freeradius Freeradius 0.9.2
Freeradius Freeradius 2.0.3
Freeradius Freeradius 0.1
Freeradius Freeradius 1.1.0
Freeradius Freeradius 1.1.3
Freeradius Freeradius 0.6
Freeradius Freeradius 2.1.4
Freeradius Freeradius 0.3
Freeradius Freeradius 1.1.2
Freeradius Freeradius 2.0
Freeradius Freeradius 1.1.4
Freeradius Freeradius 0.9.1
5
CVSSv2
CVE-2009-3111
The rad_decode function in FreeRADIUS prior to 1.1.8 allows remote malicious users to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 up to and including 8.11. NOTE: this ...
Freeradius Freeradius
Freeradius Freeradius 1.0.0
Freeradius Freeradius 0.9
Freeradius Freeradius 1.1.5
Freeradius Freeradius 0.9.2
Freeradius Freeradius 1.1.0
Freeradius Freeradius 1.1.3
Freeradius Freeradius 0.3
Freeradius Freeradius 0.9.1
Freeradius Freeradius 0.4
Freeradius Freeradius 1.0.1
Freeradius Freeradius 0.8.1
Freeradius Freeradius 1.0.4
Freeradius Freeradius 1.0.2
Freeradius Freeradius 0.5
Freeradius Freeradius 1.0.5
Freeradius Freeradius 1.0.3
Freeradius Freeradius 0.2
Freeradius Freeradius 1.1.6
Freeradius Freeradius 0.8
Freeradius Freeradius 0.9.3
1 EDB exploit
5
CVSSv2
CVE-2004-0960
FreeRADIUS prior to 1.0.1 allows remote malicious users to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.
Freeradius Freeradius 1.0.0
Freeradius Freeradius 0.9
Freeradius Freeradius 0.9.2
Freeradius Freeradius 0.3
Freeradius Freeradius 0.9.1
Freeradius Freeradius 0.4
Freeradius Freeradius 0.8.1
Freeradius Freeradius 0.5
Freeradius Freeradius 0.2
Freeradius Freeradius 0.8
Freeradius Freeradius 0.9.3
Redhat Fedora Core Core 2.0
Redhat Enterprise Linux 3.0
5
CVSSv2
CVE-2004-0961
Memory leak in FreeRADIUS prior to 1.0.1 allows remote malicious users to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes.
Freeradius Freeradius 1.0.0
Freeradius Freeradius 0.9
Freeradius Freeradius 0.9.2
Freeradius Freeradius 0.3
Freeradius Freeradius 0.9.1
Freeradius Freeradius 0.4
Freeradius Freeradius 0.8.1
Freeradius Freeradius 0.5
Freeradius Freeradius 0.2
Freeradius Freeradius 0.8
Freeradius Freeradius 0.9.3
Redhat Fedora Core Core 2.0
Redhat Enterprise Linux 3.0
5
CVSSv2
CVE-2001-1377
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote malicious users to cause a denial of service (crash) via a Vendor-Length that is less than 2.
Yard Radius Yard Radius 1.0 Pre15
Lucent Radius 2.0
Openradius Openradius 0.9
Openradius Openradius 0.9.3
Icradius Icradius 0.14
Gnu Radius 0.93
Icradius Icradius 0.18
Openradius Openradius 0.8
Freeradius Freeradius 0.3
Icradius Icradius 0.15
Lucent Radius 2.1
Miquel Van Smoorenburg Cistron Radius 1.6.4
Gnu Radius 0.95
Icradius Icradius 0.18.1
Xtradius Xtradius 1.1 Pre1
Lucent Radius 2.0.1
Livingston Radius 2.0.1
Icradius Icradius 0.17
Icradius Icradius 0.16
Icradius Icradius 0.17b
Gnu Radius 0.94
Miquel Van Smoorenburg Cistron Radius 1.6.0