CVE-2017-10981

Опубликовано: 17 июл. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service.

Ссылки

http://freeradius.org/security/fuzzer-2017.html
Patch
Vendor Advisory
http://www.debian.org/security/2017/dsa-3930
http://www.securityfocus.com/bid/99898
http://www.securitytracker.com/id/1038914
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2017:1759
http://freeradius.org/security/fuzzer-2017.html
Patch
Vendor Advisory
http://www.debian.org/security/2017/dsa-3930
http://www.securityfocus.com/bid/99898
http://www.securitytracker.com/id/1038914
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2017:1759

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:freeradius:freeradius:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.0.0:pre1:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.0.0:pre2:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.0.5:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.1.4:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.1.6:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.1.7:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.1.8:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.1.9:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.1.10:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.1.11:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.1.12:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.2.0:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.2.4:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.2.5:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.2.6:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.2.7:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.2.8:*:*:*:*:*:*:*

cpe:2.3:a:freeradius:freeradius:2.2.9:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01594

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-772

Связанные уязвимости

CVE-2017-10981

CVSS3: 7.5

ubuntu

больше 8 лет назад

An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service.

CVE-2017-10981

CVSS3: 5.9

redhat

больше 8 лет назад

An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service.

CVE-2017-10981

CVSS3: 7.5

debian

больше 8 лет назад

An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memo ...

GHSA-q4wp-g82j-gjp3

CVSS3: 7.5

github

больше 3 лет назад

An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service.

SUSE-SU-2017:2244-1

suse-cvrf

около 8 лет назад

Security update for freeradius-server

EPSS

Процентиль: 81%

0.01594

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-772