CVE-2005-4746

Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors "while expanding %t".

Published: Dec 31, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-4746
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
freeradius / freeradius	1.0.4	1.0.4.x
freeradius / freeradius	1.0.3	1.0.3.x

http://www.debian.org/security/2006/dsa-1145
http://www.freeradius.org/security.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:066
http://www.mandriva.com/security/advisories?name=MDKSA-2007:092
http://www.osvdb.org/19324
http://www.osvdb.org/19325
http://www.securityfocus.com/bid/17293

Vulnerability Database

289,784

CVE-2005-4746