Search CVE reports
1 – 3 of 3 results
CVE-2024-3596
Medium prioritySome fixes available 3 of 20
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix...
3 affected packages
freeradius, krb5, libpam-radius-auth
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| freeradius | Fixed | Fixed | Fixed | Vulnerable | Vulnerable |
| krb5 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libpam-radius-auth | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2015-9542
Medium priorityadd_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could send a crafted password to an...
1 affected package
libpam-radius-auth
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libpam-radius-auth | — | — | — | Fixed | Fixed |
CVE-2005-0108
Unknown priorityApache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with...
1 affected package
libpam-radius-auth
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libpam-radius-auth | — | — | — | — | — |