CVE-2004-0131

Currently unrated

Key Information:

Vendor: Gnu
Status: Radius
Vendor: CVE Published:; 3 March 2004

Summary

The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference.

References

http://www.idefense.com/application/poi/display?id=71&typ...

third-party-advisoryx_refsource_IDEFENSE

http://ftp.gnu.org/gnu/radius/radius-1.2.tar.gz

x_refsource_CONFIRM

http://www.kb.cert.org/vuls/id/277396

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Mar 3, 2004
Vulnerability Reserved
Feb 10, 2004