High

DATE	CVE	VULNERABILITY TITLE	RISK
2008-10-07	CVE-2008-4474	Link Following vulnerability in Freeradius 2.0.4 freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct. local low complexity freeradius CWE-59	7.2
2006-03-22	CVE-2006-1354	Authentication Bypass vulnerability in FreeRADIUS EAP-MSCHAPv2 Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module. network low complexity freeradius	7.5
2005-12-31	CVE-2005-4746	RLM_SQLCounter Buffer Overflow vulnerability in Freeradius 1.0.3/1.0.4 Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors "while expanding %t". network low complexity freeradius	7.8
2005-12-31	CVE-2005-4745	SQL Injection vulnerability in Freeradius 1.0.3/1.0.4 SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. network low complexity freeradius	7.5
2005-05-19	CVE-2005-1455	Buffer Overflow vulnerability in Freeradius 1.0.2 Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash). network low complexity freeradius	7.5
2005-05-19	CVE-2005-1454	SQL Injection vulnerability in Freeradius 1.0.2 SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) group_membership_query, (2) simul_count_query, or (3) simul_verify_query configuration entries. network low complexity freeradius	7.5
2002-03-04	CVE-2001-1376	Buffer Overflow vulnerability in Multiple Vendor RADIUS Digest Calculation Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data. network low complexity ascend freeradius gnu icradius livingston lucent miquel-van-smoorenburg-cistron openradius radiusclient xtradius yard-radius yard-radius-project	7.5