CVE-2005-0108
Published: 11 January 2005
Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument.
Priority
Status
Package | Release | Status |
---|---|---|
libpam-radius-auth Launchpad, Ubuntu, Debian |
dapper |
Released
(1.3.16-4)
|
edgy |
Released
(1.3.16-4)
|
|
feisty |
Released
(1.3.16-4)
|
|
upstream |
Needs triage
|