Format String Vulnerability in GNU Radius by GNU
CVE-2006-4181

Currently unrated

Key Information:

Vendor: Gnu
Status: Radius
Vendor: CVE Published:; 28 November 2006

Summary

The GNU Radius product suffers from a format string vulnerability in its sqllog function, which is part of the SQL accounting code. This issue allows remote attackers to exploit the vulnerability and execute arbitrary code through unknown vectors, potentially compromising the integrity and security of the application.

References

http://secunia.com/advisories/23087

third-party-advisoryx_refsource_SECUNIA

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

http://security.gentoo.org/glsa/glsa-200612-17.xml

vendor-advisoryx_refsource_GENTOO

EPSS Score

21% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 28, 2006
Vulnerability Reserved
Aug 16, 2006