Vulnerabilities > Freeradius > Freeradius > 0.9.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-17 | CVE-2022-41859 | Insufficiently Protected Credentials vulnerability in Freeradius In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack. | 7.5 |
2023-01-17 | CVE-2022-41861 | Improper Input Validation vulnerability in Freeradius A flaw was found in freeradius. | 6.5 |
2019-05-24 | CVE-2019-10143 | Incorrect Privilege Assignment vulnerability in multiple products It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. | 7.0 |
2019-04-22 | CVE-2019-11235 | Insufficient Verification of Data Authenticity vulnerability in multiple products FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499. | 7.5 |
2019-04-22 | CVE-2019-11234 | Improper Authentication vulnerability in multiple products FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497. | 7.5 |
2013-03-12 | CVE-2011-4966 | Credentials Management vulnerability in Freeradius modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password. | 6.0 |
2009-09-09 | CVE-2009-3111 | Denial of Service vulnerability in FreeRADIUS Zero-length Tunnel-Password Attributes The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. | 5.0 |
2007-04-13 | CVE-2007-2028 | Remote Denial Of Service vulnerability in FreeRadius EAP-TTLS Tunnel Memory Leak Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures. | 5.0 |
2004-11-03 | CVE-2004-0938 | Attribute Decoding Denial Of Service vulnerability in FreeRADIUS FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet. | 5.0 |
2003-12-15 | CVE-2003-0967 | Unspecified vulnerability in Freeradius rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute. | 5.0 |