Multiple format string vulnerabilities in Yet Another Radius Daemon (YARD RADIUS) 1.1.2 allow context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in a request in the (1) log_msg function in log.c or (2) version or (3) build_version function in version.c.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yard radius project yard radius 1.1.2-4 |