Vulnerabilities > CVE-2001-1376 - Buffer Overflow vulnerability in Multiple Vendor RADIUS Digest Calculation
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
low complexity
ascend
freeradius
gnu
icradius
livingston
lucent
miquel-van-smoorenburg-cistron
openradius
radiusclient
xtradius
yard-radius
yard-radius-project
Summary
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 2 | |
| Application | 4 | |
| Application | 7 | |
| Application | 3 | |
| Application | 3 | |
| Application | 6 | |
| Application | 5 | |
| Application | 1 | |
| Application | 1 | |
| Application | 6 | |
| Application | 1 |
Redhat
| advisories |
|
References
- http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466
- http://marc.info/?l=bugtraq&m=101537153021792&w=2
- http://online.securityfocus.com/archive/1/239784
- http://www.cert.org/advisories/CA-2002-06.html
- http://www.kb.cert.org/vuls/id/589523
- http://www.redhat.com/support/errata/RHSA-2002-030.html
- http://www.securityfocus.com/bid/3530
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7534