CVE-2017-10985CVE-2017-10985

Affected configuration(s):

cpe:/a:freeradius:freeradius:3.0.0
cpe:/a:freeradius:freeradius:3.0.1
cpe:/a:freeradius:freeradius:3.0.2
cpe:/a:freeradius:freeradius:3.0.3
cpe:/a:freeradius:freeradius:3.0.4
cpe:/a:freeradius:freeradius:3.0.5
cpe:/a:freeradius:freeradius:3.0.6
cpe:/a:freeradius:freeradius:3.0.7
cpe:/a:freeradius:freeradius:3.0.8
cpe:/a:freeradius:freeradius:3.0.9
cpe:/a:freeradius:freeradius:3.0.10
cpe:/a:freeradius:freeradius:3.0.11
cpe:/a:freeradius:freeradius:3.0.12
cpe:/a:freeradius:freeradius:3.0.13
cpe:/a:freeradius:freeradius:3.0.14

Date published: 2017-07-17T13:29:00.400-04:00

Date last modified: 2017-11-03T21:29:32.913-04:00

CVSS Score: 7.8

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://freeradius.org/security/fuzzer-2017.html

Summary: An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows “Infinite loop and memory exhaustion with ‘concat’ attributes” and a denial of service.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.