• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Apache mod_auth_radius Malformed RADIUS Server Reply Integer Overflow Vulnerability

mod_auth_radius is reported prone to an integer overflow vulnerability. This issue is due to an error in the application when handling server-supplied integer values before these values are employed as the size argument in a subsequent memory copy operation.

To exploit this vulnerability, an attacker must control a RADIUS server or intercept network traffic and send spoofed RADIUS replies to the Apache server. Successful exploitation may result in memory corruption and allow for arbitrary code execution.

All versions of mod_auth_radius are considered vulnerable at the moment.