Vulmon
freeradius vulnerabilities and exploits
605
VMScore
CVE-2012-3547
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 up to and including 2.1.12, when using TLS-based EAP methods, allows remote malicious users to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not after"...
Freeradius Freeradius 2.1.10
Freeradius Freeradius 2.1.12
Freeradius Freeradius 2.1.11
570
VMScore
CVE-2005-4744
Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code by causing the external database query to...
Freeradius Freeradius 1.0.4
Freeradius Freeradius 1.0.3
668
VMScore
CVE-2005-4745
SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote malicious users to execute arbitrary SQL commands via unknown attack vectors.
Freeradius Freeradius 1.0.3
Freeradius Freeradius 1.0.4
694
VMScore
CVE-2005-4746
Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote malicious users to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors "while expanding %t".
Freeradius Freeradius 1.0.3
Freeradius Freeradius 1.0.4
NA
CVE-2022-41859
In FreeRADIUS, the EAP-PWD function compute_password_element() leaks information about the password, which allows a malicious user to substantially reduce the size of an offline dictionary attack.
Freeradius Freeradius
445
VMScore
CVE-2007-2028
Memory leak in freeRADIUS 1.1.5 and previous versions allows remote malicious users to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be reject...
Freeradius Freeradius
505
VMScore
CVE-2003-0967
rad_decode in FreeRADIUS 0.9.2 and previous versions allows remote malicious users to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute.
Freeradius Freeradius
1 EDB exploit
587
VMScore
CVE-2007-0080
Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and previous versions allows malicious users to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance. NOTE: the impact of this issue has been disputed by a reliable third ...
Freeradius Freeradius
445
VMScore
CVE-2004-0938
FreeRADIUS prior to 1.0.1 allows remote malicious users to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet.
Freeradius Freeradius
445
VMScore
CVE-2002-0318
FreeRADIUS RADIUS server allows remote malicious users to cause a denial of service (CPU consumption) via a flood of Access-Request packets.
Freeradius Freeradius