Remote Denial of Service in GNU Radius Daemon
CVE-2004-0131

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
3 March 2004

Summary

The rad_print_request function within logger.c of GNU Radius daemon allows remote attackers to exploit a misconstructed UDP packet. By sending a packet that includes an Acct-Status-Type attribute without a value, and lacking an Acct-Session-Id attribute, attackers can trigger a null dereference, leading to a denial of service. This vulnerability impacts versions of the software prior to 1.2, rendering the service susceptible to crashes.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.