返回 CVE 瀏覽器

CVE-2004-0849

MEDIUM

5.0

CVSS Severity Score

EPSS Score0.1200%

EPSS Percentile10.27th

Published2004年12月23日

Last Modified2026年4月16日

Vulnerability Description

Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.

Affected Platforms (CPE)

📦

Gnu

Radius

= 0.92.1

📦

Gnu

Radius

= 0.93

📦

Gnu

Radius

= 0.94

📦

Gnu

Radius

= 0.95

📦

Gnu

Radius

= 0.96

📦

Gnu

Radius

= 1.1

📦

Gnu

Radius

= 1.2

References & Advisories

🔗 http://lists.gnu.org/archive/html/info-gnu-radius/2004-09/msg00000.html

🔗 http://www.idefense.com/application/poi/display?id=141&type=vulnerabilities

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/17391

🔗 http://lists.gnu.org/archive/html/info-gnu-radius/2004-09/msg00000.html

🔗 http://www.idefense.com/application/poi/display?id=141&type=vulnerabilities

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/17391

相關漏洞威脅

CVE-2006-418110.0

Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote ...

CVE-2006-409810.0

Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Sol...

CVE-2001-053410.0

Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b and (2) Lucent 2.1-2 RADIUS allow remote attackers to cause a...

CVE-2008-528410.0

The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other versions before 5.1.44, Emerald 5.0.49 and other versions bef...