Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多个RADIUS实现vendor-length域拒绝服务漏洞
Vulnerability Description
Remote Authentication Dial In User Service(RADIUS)服务器可用于对使用RADIUS协议的终端进行认证、授权和统计,基于RFC 2865。它可应用多种操作系统之下。 部分RADIUS协议实现中存在一个安全漏洞,由于没有对vendor-specific属性的vendor-length域进行正确验证,远程攻击者可以通过发送包含畸形vendor-specific属性的数据包造成RADIUS服务器或客户端崩溃。 RADIUS服务器和客户端没有正确验证vendor-sp
CVSS Information
N/A
Vulnerability Type
N/A