Vulnerability Details : CVE-2005-4744
Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the external database query to fail. NOTE: this single issue is part of a larger-scale disclosure, originally by SUSE, which reported multiple issues that were disputed by FreeRADIUS. Disputed issues included file descriptor leaks, memory disclosure, LDAP injection, and other issues. Without additional information, the most recent FreeRADIUS report is being regarded as the authoritative source for this CVE identifier.
Vulnerability category: Execute code, Denial of service
Products affected by CVE-2005-4744
- cpe:2.3:a:freeradius:freeradius:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:1.0.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-4744
- EPSS score: 2.01% (probability of exploitation activity in the next 30 days)
- Percentile: ~89% (the proportion of vulnerabilities scored at or below this one)
CVSS scores for CVE-2005-4744
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.4 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:P | 10.0 | 4.9 | NIST | |
References for CVE-2005-4744
- http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:066 (Mandriva)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10449
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167676 (167676 – CVE-2005-4744 Multiple freeradius security issues)
- http://www.securityfocus.com/bid/14775 (Patch)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22211 (FreeRADIUS token.c and sql_unixodbc.c denial of service CVE-2005-4744 Vulnerability Report)
- http://rhn.redhat.com/errata/RHSA-2006-0271.html (RHSA-2006:0271 - Security Advisory - Red Hat Customer Portal)
- http://www.freeradius.org/security/20050909-vendor-sec.txt
- http://www.freeradius.org/security/20050909-response-to-suse.txt
- ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
- http://www.debian.org/security/2006/dsa-1089 ([SECURITY] [DSA 1089-1] New freeradius packages fix arbitrary code execution)