CVE-2001-1376

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.

Published: Mar 4, 2002
Updated: Apr 13, 2023
CVE: CVE-2001-1376
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
yard_radius / yard_radius	1.0_pre15	1.0_pre15.x
ascend / radius	1.16	1.16.x
lucent / radius	2.0	2.0.x
openradius / openradius	0.9	0.9.x
openradius / openradius	0.9.3	0.9.3.x
icradius / icradius	0.14	0.14.x
gnu / radius	0.93	0.93.x
icradius / icradius	0.18	0.18.x
openradius / openradius	0.8	0.8.x
freeradius / freeradius	0.3	0.3.x
icradius / icradius	0.15	0.15.x
lucent / radius	2.1	2.1.x
miquel_van_smoorenburg_cistron / radius	1.6.4	1.6.4.x
gnu / radius	0.95	0.95.x
icradius / icradius	0.18.1	0.18.1.x
xtradius / xtradius	1.1_pre1	1.1_pre1.x
lucent / radius	2.0.1	2.0.1.x
livingston / radius	2.0.1	2.0.1.x
icradius / icradius	0.17	0.17.x
icradius / icradius	0.16	0.16.x
icradius / icradius	0.17b	0.17b.x
gnu / radius	0.94	0.94.x
miquel_van_smoorenburg_cistron / radius	1.6_.0	1.6_.0.x
yard_radius / yard_radius	1.0.18	1.0.18.x
yard_radius / yard_radius	1.0.17	1.0.17.x
miquel_van_smoorenburg_cistron / radius	1.6.1	1.6.1.x
gnu / radius	0.92.1	0.92.1.x
miquel_van_smoorenburg_cistron / radius	1.6.3	1.6.3.x
livingston / radius	2.1	2.1.x
livingston / radius	2.0	2.0.x
openradius / openradius	0.9.1	0.9.1.x
yard_radius / yard_radius	1.0_pre13	1.0_pre13.x
radiusclient / radiusclient	0.3.1	0.3.1.x
openradius / openradius	0.9.2	0.9.2.x
miquel_van_smoorenburg_cistron / radius	1.6.2	1.6.2.x
freeradius / freeradius	0.2	0.2.x
yard_radius / yard_radius	1.0_pre14	1.0_pre14.x
miquel_van_smoorenburg_cistron / radius	1.6.5	1.6.5.x
yard_radius / yard_radius	1.0.19	1.0.19.x
yard_radius_project / yard_radius	1.0.16	1.0.16.x

Vulnerability Database

289,697

CVE-2001-1376