Integer Overflow Vulnerability in GNU Radius by GNU
CVE-2004-0849
Currently unrated
Summary
An integer overflow vulnerability exists in the asn_decode_string() function within asn1.c of GNU Radius versions 1.1 and 1.2. This vulnerability, triggered when the software is compiled with the --enable-snmp option, may allow remote attackers to exploit specific SNMP requests, resulting in a denial of service by causing the daemon to crash.
References
Timeline
Vulnerability published
Vulnerability Reserved