CVE-2010-3696 in FreeRADIUSinfo

Summary

The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in certain non-default builds, does not properly handle the DHCP Relay Agent Information option, which allows remote attackers to cause a denial of service (infinite loop and daemon outage) via a packet that has more than one sub-option. NOTE: some of these details are obtained from third party information.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

10/01/2010

Disclosure

10/07/2010

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
54951	FreeRADIUS dhcp.c fr_dhcp_decode resource management	399	Not defined	Official fix	CVE-2010-3696

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Interested in the pricing of exploits?

See the underground prices here!