exploitDog

CVE-2017-10980

Опубликовано: 17 июл. 2017

Источник: debian

Описание

An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
freeradius	fixed	3.0.12+dfsg-3		package
freeradius	fixed	2.2.5+dfsg-0.2+deb8u1	jessie	package

Примечания

http://freeradius.org/security/fuzzer-2017.html#FR-GV-203
https://github.com/FreeRADIUS/freeradius-server/commit/ef0727fc68e211a36637b5c4e4a6fa1326f0a029
Mark as fixed in 3.0.12+dfsg-3 the first 3.x version in unstable
This is not fully technically correct, the issue affects only the 2.x
series but not 3.x.

Связанные уязвимости

CVE-2017-10980

CVSS3: 7.5

ubuntu

больше 8 лет назад

An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service.

CVE-2017-10980

CVSS3: 5.9

redhat

больше 8 лет назад

An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service.

CVE-2017-10980

CVSS3: 7.5

nvd

больше 8 лет назад

An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service.

GHSA-c589-hx7c-9gj9

CVSS3: 7.5

github

больше 3 лет назад

An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service.

ELSA-2017-1759

oracle-oval

больше 8 лет назад

ELSA-2017-1759: freeradius security update (IMPORTANT)