Vulnerability Database

299,879

Total vulnerabilities in the database

CVE-2001-1377

Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.

  • Published: Mar 4, 2002
  • Updated: Nov 9, 2025
  • CVE: CVE-2001-1377
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Software From Fixed in
yard_radius / yard_radius 1.0_pre15 1.0_pre15.x
lucent / radius 2.0 2.0.x
openradius / openradius 0.9 0.9.x
openradius / openradius 0.9.3 0.9.3.x
icradius / icradius 0.14 0.14.x
gnu / radius 0.93 0.93.x
icradius / icradius 0.18 0.18.x
openradius / openradius 0.8 0.8.x
freeradius / freeradius 0.3 0.3.x
icradius / icradius 0.15 0.15.x
lucent / radius 2.1 2.1.x
miquel_van_smoorenburg_cistron / radius 1.6.4 1.6.4.x
gnu / radius 0.95 0.95.x
icradius / icradius 0.18.1 0.18.1.x
xtradius / xtradius 1.1_pre1 1.1_pre1.x
lucent / radius 2.0.1 2.0.1.x
livingston / radius 2.0.1 2.0.1.x
icradius / icradius 0.17 0.17.x
icradius / icradius 0.16 0.16.x
icradius / icradius 0.17b 0.17b.x
gnu / radius 0.94 0.94.x
miquel_van_smoorenburg_cistron / radius 1.6_.0 1.6_.0.x
yard_radius / yard_radius 1.0.18 1.0.18.x
yard_radius / yard_radius 1.0.17 1.0.17.x
miquel_van_smoorenburg_cistron / radius 1.6.1 1.6.1.x
xtradius / xtradius 1.1_pre2 1.1_pre2.x
gnu / radius 0.92.1 0.92.1.x
miquel_van_smoorenburg_cistron / radius 1.6.3 1.6.3.x
livingston / radius 2.1 2.1.x
livingston / radius 2.0 2.0.x
openradius / openradius 0.9.1 0.9.1.x
yard_radius / yard_radius 1.0_pre13 1.0_pre13.x
radiusclient / radiusclient 0.3.1 0.3.1.x
openradius / openradius 0.9.2 0.9.2.x
miquel_van_smoorenburg_cistron / radius 1.6.2 1.6.2.x
freeradius / freeradius 0.2 0.2.x
yard_radius / yard_radius 1.0_pre14 1.0_pre14.x
miquel_van_smoorenburg_cistron / radius 1.6.5 1.6.5.x
yard_radius / yard_radius 1.0.19 1.0.19.x
yard_radius_project / yard_radius 1.0.16 1.0.16.x