CVE-2003-0967 in FreeRADIUSinfo

Summary

rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

11/26/2003

Disclosure

12/15/2003

Moderation

VulDB entry created

Entries

VDB-415 (2)

CPE

ready

CWE

CWE-119 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.05986

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2003-0967
NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0967
CVE Details	https://www.cvedetails.com/cve/CVE-2003-0967/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!