The rad_print_request function in logger.c for GNU Radius daemon (radiusd) prior to 1.2 allows remote malicious users to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu radius 1.1 |