Описание
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not after" timestamp in a client certificate.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.1.12+dfsg-1.1 |
| hardy | ignored | end of life |
| lucid | not-affected | code not present |
| natty | released | 2.1.10+dfsg-2ubuntu2.1 |
| oneiric | released | 2.1.10+dfsg-3ubuntu0.11.10.1 |
| precise | released | 2.1.10+dfsg-3ubuntu0.12.04.1 |
| upstream | released | 2.2.0 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not after" timestamp in a client certificate.
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not after" timestamp in a client certificate.
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS ...
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not after" timestamp in a client certificate.
EPSS
6.8 Medium
CVSS2