Описание
Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.1.0-1ubuntu2.1 |
| devel | not-affected | |
| edgy | released | 1.1.3-1ubuntu0.1 |
| feisty | released | 1.1.3-3ubuntu1.1 |
| gutsy | not-affected | |
| upstream | released | 1.1.6 |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures.
Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures.
Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to ...
Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures.
ELSA-2007-0338: Moderate: freeradius security update (MODERATE)
EPSS
5 Medium
CVSS2