CVE-2001-1376

5 documents5 sources
Severity
7.5HIGH
EPSS
30.5%
top 3.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Ascend RadiusFreeradius FreeradiusGNU Radius+9 more
Timeline
PublishedMar 4
Latest updateApr 30

Description

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages12 packages

NVDgnu/radius4 versions+3
NVDascend/radius1.16
NVDlucent/radius2.0, 2.0.1, 2.1+2
NVDicradius/icradius7 versions+6
NVDlivingston/radius2.0, 2.0.1, 2.1+2

Patches

Patch: www.cert.orgPatch: www.securityfocus.comPatch: www.cert.org

🔴Vulnerability Details

2
GHSA
GHSA-j9hg-49pv-5qq8: Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly ex2022-04-30
CVEList
CVE-2001-1376: Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly ex2002-06-11

📋Vendor Advisories

1
Red Hat
security flaw2001-11-13

💬Community

1
Bugzilla
CVE-2001-1376 security flaw2018-08-16
CVE-2001-1376 (HIGH CVSS 7.5) | Buffer overflow in digest calculati | cvebase.io