Описание
[REJECTED CVE] A vulnerability has been identified in Freeradius. Attributes of data type 'signed' would sometimes be created from uninitialized memory, instead of from the received packet. There is only one 'signed' attribute, which is in the WiMAX dictionaries, and it is used only in certain limited situations.
Отчет
This CVE has been rejected, because upstream report say: No overflow or exploit is possible. No remote code execution is possible. No denial of service is possible. Exploitation does not cross a privilege boundary in a correct and realistic product deployment.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | freeradius | Not affected | ||
| Red Hat Enterprise Linux 5 | freeradius2 | Not affected | ||
| Red Hat Enterprise Linux 6 | freeradius | Not affected | ||
| Red Hat Enterprise Linux 7 | freeradius | Not affected |
Показывать по
Дополнительная информация
0 Low
CVSS3
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
0 Low
CVSS3