FreeRadius RLM_SQLCounter SQL Injection Vulnerability

Bugtraq ID: 17294
Class: Input Validation Error
CVE: CVE-2005-4745
Remote: Yes
Local: No
Published: Mar 28 2006 12:00AM
Updated: Apr 26 2007 10:40PM
Credit: Primoz Bratanic is credited with the discovery of this vulnerability.
Vulnerable: MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
FreeRADIUS FreeRADIUS 1.0.4
FreeRADIUS FreeRADIUS 1.0.3
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Not Vulnerable: FreeRADIUS FreeRADIUS 1.1.1
FreeRADIUS FreeRADIUS 1.1
FreeRADIUS FreeRADIUS 1.0.5


 

Privacy Statement
Copyright 2010, SecurityFocus