Freeradius » Freeradius » 3.0.2 : Security Vulnerabilities, CVEs, Published In 2017 (Denial of service)
An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service.
Max CVSS
7.5
EPSS Score
0.39%
Published
2017-07-17
Updated
2019-10-03
An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()" and a denial of service.
Max CVSS
7.5
EPSS Score
66.18%
Published
2017-07-17
Updated
2019-10-03
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service.
Max CVSS
7.8
EPSS Score
0.88%
Published
2017-07-17
Updated
2019-10-03
An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.
Max CVSS
9.8
EPSS Score
77.12%
Published
2017-07-17
Updated
2018-01-05
An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service.
Max CVSS
7.5
EPSS Score
0.53%
Published
2017-07-17
Updated
2018-01-05
An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.
Max CVSS
7.5
EPSS Score
2.14%
Published
2017-07-17
Updated
2019-07-03
The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet.
Max CVSS
5.9
EPSS Score
0.28%
Published
2017-03-27
Updated
2017-03-30
7 vulnerabilities found