← Back

CVE-2001-1377

nvd nist
Published: Mar 4, 2002Modified: Apr 16, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.

Affected (40)

Products: Freeradius: Freeradius · Gnu: Radius · Icradius: Icradius · +8 more
Show all products
Freeradius: Freeradius · Gnu: Radius · Icradius: Icradius · Livingston: Radius · Lucent: Radius · Miquel Van Smoorenburg Cistron: Radius · Openradius: Openradius · Radiusclient: Radiusclient · Xtradius: Xtradius · Yard Radius: Yard Radius · Yard Radius Project: Yard Radius
Freeradius
1 product
Freeradius
Gnu
1 product
Radius
Icradius
1 product
Icradius
Livingston
1 product
Radius
Lucent
1 product
Radius
Miquel Van Smoorenburg Cistron
1 product
Radius
Openradius
1 product
Openradius
Radiusclient
1 product
Radiusclient
Xtradius
1 product
Xtradius
Yard Radius
1 product
Yard Radius
Yard Radius Project
1 product
Yard Radius
Configuration A
40 vulnerable
Vulnerable SoftwareAffected Versions
Freeradius
Freeradius
Version 0.2
Freeradius
Version 0.3
Gnu
Radius
Version 0.92.1
Radius
Version 0.93
Radius
Version 0.94
Radius
Version 0.95
Icradius
Icradius
Version 0.14
Icradius
Version 0.15
Icradius
Version 0.16
Icradius
Version 0.17
Icradius
Version 0.17b
Icradius
Version 0.18.1
Icradius
Version 0.18
Livingston
Radius
Version 2.0.1
Radius
Version 2.0
Radius
Version 2.1
Lucent
Radius
Version 2.0.1
Radius
Version 2.0
Radius
Version 2.1
Radius
Version 1.6.1
Radius
Version 1.6.2
Radius
Version 1.6.3
Radius
Version 1.6.4
Radius
Version 1.6.5
Radius
Version 1.6_.0
Openradius
Openradius
Version 0.8
Openradius
Version 0.9.1
Openradius
Version 0.9.2
Openradius
Version 0.9.3
Openradius
Version 0.9
Radiusclient
Version 0.3.1
Xtradius
Xtradius
Version 1.1_pre1
Xtradius
Version 1.1_pre2
Yard Radius
Yard Radius
Version 1.0.17
Yard Radius
Version 1.0.18
Yard Radius
Version 1.0.19
Yard Radius
Version 1.0_pre13
Yard Radius
Version 1.0_pre14
Yard Radius
Version 1.0_pre15
Yard Radius
Version 1.0.16

References (18)

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc (unsafe URL)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
PatchThird Party AdvisoryUS Government Resource
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchThird Party AdvisoryUS Government Resource
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc (unsafe URL)
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.