Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote malicious users to cause a denial of service (crash) via a Vendor-Length that is less than 2.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freeradius freeradius 0.2 |
||
icradius icradius 0.15 |
||
icradius icradius 0.16 |
||
livingston radius 2.1 |
||
lucent radius 2.0 |
||
miquel van smoorenburg cistron radius 1.6_.0 |
||
openradius openradius 0.8 |
||
xtradius xtradius 1.1_pre2 |
||
yard radius project yard radius 1.0.16 |
||
freeradius freeradius 0.3 |
||
gnu radius 0.92.1 |
||
icradius icradius 0.17 |
||
icradius icradius 0.17b |
||
lucent radius 2.0.1 |
||
lucent radius 2.1 |
||
openradius openradius 0.9 |
||
openradius openradius 0.9.1 |
||
yard radius yard radius 1.0.17 |
||
yard radius yard radius 1.0.18 |
||
gnu radius 0.95 |
||
icradius icradius 0.14 |
||
livingston radius 2.0 |
||
livingston radius 2.0.1 |
||
miquel van smoorenburg cistron radius 1.6.3 |
||
miquel van smoorenburg cistron radius 1.6.4 |
||
miquel van smoorenburg cistron radius 1.6.5 |
||
radiusclient radiusclient 0.3.1 |
||
xtradius xtradius 1.1_pre1 |
||
yard radius yard radius 1.0_pre14 |
||
yard radius yard radius 1.0_pre15 |
||
gnu radius 0.93 |
||
gnu radius 0.94 |
||
icradius icradius 0.18 |
||
icradius icradius 0.18.1 |
||
miquel van smoorenburg cistron radius 1.6.1 |
||
miquel van smoorenburg cistron radius 1.6.2 |
||
openradius openradius 0.9.2 |
||
openradius openradius 0.9.3 |
||
yard radius yard radius 1.0.19 |
||
yard radius yard radius 1.0_pre13 |