Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could send a crafted password to an application (loading the pam_radius library) and crash it. Arbitrary code execution might be possible, depending on the application, C library, compiler, and other factors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
pam_radius 缓冲区错误漏洞
Vulnerability Description
pam_radius 1.4.0版本的pam_radius_auth.c文件中存在缓冲区错误漏洞,该漏洞源于‘memcpy()’函数未对密码长度进行正确的验证。攻击者可借助特制的密码利用该漏洞造成应用程序崩溃,并可能执行代码。
CVSS Information
N/A
Vulnerability Type
N/A