Stack-based buffer overflow vulnerability in freeradius and freeradius2 via a long password hashID: oval:org.secpod.oval:def:22320 | Date: (C)2014-12-31 (M)2023-07-28 |
Class: VULNERABILITY | Family: unix |
The host is installed with freeradius2 or freeradius 2.x through 2.2.3 or 3.x through 3.0.1 and is prone to a stack-based buffer overflow vulnerability. The flaws are present in the applications, which fail to properly handle a long password hash, as demonstrated by an SSHA hash. Successful exploitation might allow attackers to cause a denial of service (crash).
Platform: |
Red Hat Enterprise Linux 5 |
Red Hat Enterprise Linux 6 |
Product: |
freeradius2 |
freeradius |