CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-4181

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0020%
EPSS Percentile19.28th
Published2006年11月28日
Last Modified2026年4月23日

Vulnerability Description

Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors.

Affected Platforms (CPE)

📦
Gnu

Radius

= 1.2
📦
Gnu

Radius

= 1.3

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=443
🔗 http://secunia.com/advisories/23087
🔗 http://security.gentoo.org/glsa/glsa-200612-17.xml
🔗 http://securitytracker.com/id?1017285
🔗 http://www.securityfocus.com/bid/21303
🔗 http://www.vupen.com/english/advisories/2006/4712
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/30508
🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=443

関連する脆弱性情報

CVE-2006-409810.0

Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Sol...

CVE-2008-528410.0

The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other versions before 5.1.44, Emerald 5.0.49 and other versions bef...

CVE-2001-053410.0

Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b and (2) Lucent 2.1-2 RADIUS allow remote attackers to cause a...

CVE-2018-252379.8

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RAD...