CVE-2001-1376

Multiple RADIUS - Buffer Overflow/DoS

Title source: llm

Description

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.

References (9)

[Third Party Advisory] http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html

[Vendor Advisory] http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000466

[Mailing List] http://marc.info/?l=bugtraq&m=101537153021792&w=2

[Vendor Advisory] http://online.securityfocus.com/archive/1/239784

[Patch, Third Party Advisory, US Government Resource] http://www.cert.org/advisories/CA-2002-06.html

[US Government Resource] http://www.kb.cert.org/vuls/id/589523

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2002-030.html

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/3530

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/7534

Scores

EPSS 0.3049

EPSS Percentile 96.6%

Classification

Status draft

Affected Products (40)

ascend/radius

freeradius/freeradius

gnu/radius

icradius/icradius

livingston/radius

... and 25 more

Timeline

Published Mar 04, 2002

Tracked Since Feb 18, 2026