Integer Overflow Vulnerability in GNU Radius by GNU
CVE-2004-0849

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
23 December 2004

Summary

An integer overflow vulnerability exists in the asn_decode_string() function within asn1.c of GNU Radius versions 1.1 and 1.2. This vulnerability, triggered when the software is compiled with the --enable-snmp option, may allow remote attackers to exploit specific SNMP requests, resulting in a denial of service by causing the daemon to crash.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.