CVE-2006-4181

Currently unrated

Key Information:

Vendor: Gnu
Status: Radius
Vendor: CVE Published:; 28 November 2006

Summary

Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors.

References

http://secunia.com/advisories/23087

third-party-advisoryx_refsource_SECUNIA

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

http://security.gentoo.org/glsa/glsa-200612-17.xml

vendor-advisoryx_refsource_GENTOO

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 28, 2006
Vulnerability Reserved
Aug 16, 2006