FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

freeradius -- sql injection and denial of service vulnerability

Affected packages
freeradius <= 1.0.2_1
freeradius-devel <= 1.0.2

Details

VuXML ID 2fbe16c2-cab6-11d9-9aed-000e0c2e438a
Discovery 2005-05-17
Entry 2005-05-22
Modified 2008-01-20

A Gentoo Advisory reports:

The FreeRADIUS server is vulnerable to an SQL injection attack and a buffer overflow, possibly resulting in disclosure and modification of data and Denial of Service.

References

Bugtraq ID 13540
Bugtraq ID 13541
URL http://www.gentoo.org/security/en/glsa/glsa-200505-13.xml