Multiple Vendor Radius Short Vendor-Length Field Denial Of Service Vulnerability

Bugtraq ID: 4230
Class: Design Error
CVE: CVE-2001-1377
Remote: Yes
Local: No
Published: Mar 04 2002 12:00AM
Updated: Jul 11 2009 10:56AM
Credit: This vulnerability discovery credited to 3APA3A <3APA3A@SECURITY.NNOV.RU>.
Vulnerable: Yard RADIUS Yard RADIUS 1.0.19
Yard RADIUS Yard RADIUS 1.0.18
Yard RADIUS Yard RADIUS 1.0.17
Yard RADIUS Yard RADIUS 1.0.16
XTRadius XTRadius 1.2.1 beta
XTRadius XTRadius 1.1 -pre2
XTRadius XTRadius 1.1 -pre1
Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Server 6.5
Turbolinux Turbolinux Server 6.1
Turbolinux Turbolinux Advanced Server 6.0
OpenRADIUS OpenRADIUS 0.9.3
OpenRADIUS OpenRADIUS 0.9.2
OpenRADIUS OpenRADIUS 0.9.1
OpenRADIUS OpenRADIUS 0.9
OpenRADIUS OpenRADIUS 0.8
Miquel van Smoorenburg Cistron Radius 1.6.5
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1.1
- RedHat Linux 7.1 i386
 - RedHat Linux 7.1 alpha
 - RedHat Linux 7.0 i386
 - RedHat Linux 7.0 alpha
 Miquel van Smoorenburg Cistron Radius 1.6.4
+ S.u.S.E. Linux 7.3 sparc
 + S.u.S.E. Linux 7.3 ppc
 + S.u.S.E. Linux 7.3 i386
 + S.u.S.E. Linux 7.2 i386
 + S.u.S.E. Linux 7.1 x86
 + S.u.S.E. Linux 7.1 sparc
 + S.u.S.E. Linux 7.1 ppc
 + S.u.S.E. Linux 7.1 alpha
 Miquel van Smoorenburg Cistron Radius 1.6.3
+ Conectiva Linux 7.0
+ S.u.S.E. Linux 7.0 sparc
 + S.u.S.E. Linux 7.0 ppc
 + S.u.S.E. Linux 7.0 i386
 + S.u.S.E. Linux 7.0 alpha
 Miquel van Smoorenburg Cistron Radius 1.6.2
+ S.u.S.E. Linux 6.4 ppc
 + S.u.S.E. Linux 6.4 i386
 + S.u.S.E. Linux 6.4 alpha
 Miquel van Smoorenburg Cistron Radius 1.6.1
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
 + Conectiva Linux ecommerce
 Miquel van Smoorenburg Cistron Radius 1.6 .0
Lucent RADIUS 2.1
Lucent RADIUS 2.0 1
Lucent RADIUS 2.0
ICRadius ICRADIUS 0.18.1
ICRadius ICRADIUS 0.18
ICRadius ICRADIUS 0.17 b
ICRadius ICRADIUS 0.17
ICRadius ICRADIUS 0.16
ICRadius ICRADIUS 0.15
ICRadius ICRADIUS 0.14
- Larry Wall Perl 5.0 05
 - Larry Wall Perl 5.0 05
 - Larry Wall Perl 5.0 05
 - MySQL AB MySQL 3.23.10
GNU Radius 0.95
GNU Radius 0.94
GNU Radius 0.93
GNU Radius 0.92.1
FreeRADIUS FreeRADIUS 0.3
FreeRADIUS FreeRADIUS 0.3
FreeRADIUS FreeRADIUS 0.2
Not Vulnerable: Yard RADIUS Yard RADIUS 1.0.20
+ Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 + Debian Linux 3.0
OpenRADIUS OpenRADIUS 0.9.4
Miquel van Smoorenburg Cistron Radius 1.6.6
+ Conectiva Linux 9.0
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
- RedHat Linux 7.1 i386
 - RedHat Linux 7.1 alpha
 - RedHat Linux 7.0 i386
 - RedHat Linux 7.0 alpha
 + S.u.S.E. Linux 8.0
GNU Radius 0.96
FreeRADIUS FreeRADIUS 0.4


 

Privacy Statement
Copyright 2010, SecurityFocus