Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GNU Radius SNMP字符串长度整数溢出拒绝服务漏洞
Vulnerability Description
GNU Radius是一款开放源代码远程用户验证和审计服务器。 GNU Radius asn_decode_string()函数存在整数溢出问题,远程攻击者可以利用这个漏洞进行拒绝服务攻击。 问题存在于snmplib/asn1.c中的asn_decode_string()函数,当提交一个很大的非符号数值时,就在边界检查代码中发生整数溢出,守护进程就会引用未分配内存而导致访问冲突,而造成拒绝服务。 此漏洞需要radiusd以--enable-snmp选项编译才存在,默认编译不支持SNMP。
CVSS Information
N/A
Vulnerability Type
N/A