GNU Radius Remote Denial Of Service Vulnerability
BID:9578
Info
GNU Radius Remote Denial Of Service Vulnerability
| Bugtraq ID: | 9578 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 04 2004 12:00AM |
| Updated: | Feb 04 2004 12:00AM |
| Credit: | Discovery of this vulnerability has been credit to iDEFENSE. |
| Vulnerable: |
GNU Radius 1.1 |
| Not Vulnerable: |
GNU Radius 1.2 |
Discussion
GNU Radius Remote Denial Of Service Vulnerability
GNU Radius has been reported prone to a remote denial of service vulnerability. The issue presents itself when a single UDP datagram is processed that contains a specific attribute without any other data. When the affected server handles this datagram, the server will segfault due to a NULL Pointer dereference.
GNU Radius has been reported prone to a remote denial of service vulnerability. The issue presents itself when a single UDP datagram is processed that contains a specific attribute without any other data. When the affected server handles this datagram, the server will segfault due to a NULL Pointer dereference.
Exploit / POC
GNU Radius Remote Denial Of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
GNU Radius Remote Denial Of Service Vulnerability
Solution:
The vendor has provided an update for this issue:
GNU Radius 1.1
Solution:
The vendor has provided an update for this issue:
GNU Radius 1.1
-
GNU radius-1.2.tar.gz
http://ftp.gnu.org/gnu/radius/radius-1.2.tar.gz
References
GNU Radius Remote Denial Of Service Vulnerability
References:
References: