CVE-2001-1377
First published: Mon Mar 04 2002(Updated: )
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Yard Radius Yard Radius | =1.0_pre15 | |
| Lucent RADIUS | =2.0 | |
| Openradius Openradius | =0.9 | |
| Openradius Openradius | =0.9.3 | |
| Icradius Icradius | =0.14 | |
| GNU Radius | =0.93 | |
| Icradius Icradius | =0.18 | |
| Openradius Openradius | =0.8 | |
| Freeradius Freeradius | =0.3 | |
| Icradius Icradius | =0.15 | |
| Lucent RADIUS | =2.1 | |
| Miquel Van Smoorenburg Cistron Radius | =1.6.4 | |
| GNU Radius | =0.95 | |
| Icradius Icradius | =0.18.1 | |
| Xtradius Xtradius | =1.1_pre1 | |
| Lucent RADIUS | =2.0.1 | |
| Livingston RADIUS | =2.0.1 | |
| Icradius Icradius | =0.17 | |
| Icradius Icradius | =0.16 | |
| Icradius Icradius | =0.17b | |
| GNU Radius | =0.94 | |
| Miquel Van Smoorenburg Cistron Radius | =1.6_.0 | |
| Yard Radius Yard Radius | =1.0.18 | |
| Yard Radius Yard Radius | =1.0.17 | |
| Miquel Van Smoorenburg Cistron Radius | =1.6.1 | |
| Xtradius Xtradius | =1.1_pre2 | |
| GNU Radius | =0.92.1 | |
| Miquel Van Smoorenburg Cistron Radius | =1.6.3 | |
| Livingston RADIUS | =2.1 | |
| Livingston RADIUS | =2.0 | |
| Openradius Openradius | =0.9.1 | |
| Yard Radius Yard Radius | =1.0_pre13 | |
| Radiusclient Radiusclient | =0.3.1 | |
| Openradius Openradius | =0.9.2 | |
| Miquel Van Smoorenburg Cistron Radius | =1.6.2 | |
| Freeradius Freeradius | =0.2 | |
| Yard Radius Yard Radius | =1.0_pre14 | |
| Miquel Van Smoorenburg Cistron Radius | =1.6.5 | |
| Yard Radius Yard Radius | =1.0.19 | |
| Yard Radius Project Yard Radius | =1.0.16 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.kb.cert.org/vuls/id/936683
- http://www.cert.org/advisories/CA-2002-06.html
- http://www.iss.net/security_center/static/8354.php
- http://www.securityfocus.com/bid/4230
- http://www.redhat.com/support/errata/RHSA-2002-030.html
- http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
- http://marc.info/?l=bugtraq&m=101537153021792&w=2
- collector/nvd-historical
- vendor/yard radius
- product/yard radius
- canonical/yard radius yard radius
- vendor/lucent
- product/radius
- canonical/lucent radius
- vendor/openradius
- product/openradius
- canonical/openradius openradius
- vendor/icradius
- product/icradius
- canonical/icradius icradius
- vendor/gnu
- canonical/gnu radius
- vendor/freeradius
- product/freeradius
- canonical/freeradius freeradius
- vendor/miquel van smoorenburg cistron
- canonical/miquel van smoorenburg cistron radius
- vendor/xtradius
- product/xtradius
- canonical/xtradius xtradius
- vendor/livingston
- canonical/livingston radius
- vendor/radiusclient
- product/radiusclient
- canonical/radiusclient radiusclient
- vendor/yard radius project
- canonical/yard radius project yard radius
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- version/yard radius yard radius/1.0_pre15
- version/lucent radius/2.0
- version/openradius openradius/0.9
- version/openradius openradius/0.9.3
- version/icradius icradius/0.14
- version/gnu radius/0.93
- version/icradius icradius/0.18
- version/openradius openradius/0.8
- version/freeradius freeradius/0.3
- version/icradius icradius/0.15
- version/lucent radius/2.1
- version/miquel van smoorenburg cistron radius/1.6.4
- version/gnu radius/0.95
- version/icradius icradius/0.18.1
- version/xtradius xtradius/1.1_pre1
- version/lucent radius/2.0.1
- version/livingston radius/2.0.1
- version/icradius icradius/0.17
- version/icradius icradius/0.16
- version/icradius icradius/0.17b
- version/gnu radius/0.94
- version/miquel van smoorenburg cistron radius/1.6_.0
- version/yard radius yard radius/1.0.18
- version/yard radius yard radius/1.0.17
- version/miquel van smoorenburg cistron radius/1.6.1
- version/xtradius xtradius/1.1_pre2
- version/gnu radius/0.92.1
- version/miquel van smoorenburg cistron radius/1.6.3
- version/livingston radius/2.1
- version/livingston radius/2.0
- version/openradius openradius/0.9.1
- version/yard radius yard radius/1.0_pre13
- version/radiusclient radiusclient/0.3.1
- version/openradius openradius/0.9.2
- version/miquel van smoorenburg cistron radius/1.6.2
- version/freeradius freeradius/0.2
- version/yard radius yard radius/1.0_pre14
- version/miquel van smoorenburg cistron radius/1.6.5
- version/yard radius yard radius/1.0.19
- version/yard radius project yard radius/1.0.16