RADIUS: FreeRADIUS Invalid Type Code DoS
This signature detects UDP packets containing invalid RADIUS attributes. Attackers can send a FreeRADIUS server invalid Type packets and cause the service to become unresponsive. FreeRADIUS versions 1.0.0 and earlier are affected.
Extended Description
Reportedly FreeRADIUS is affected by multiple remote denial of service vulnerabilities. These issues are due to a failure of the application to handle malformed packets. An attacker may leverage these issues to cause the affected server to crash, denying service to legitimate users.
Affected Products
Red_hat fedora
References
BugTraq: 11222
CVE: CVE-2004-0938
URL: http://www.kb.cert.org/vuls/id/541574 http://www.freeradius.org/
Short Name
RADIUS:TYPE-DOS
Severity
Minor
Recommended
False
Recommended Action
None
Category
RADIUS
Keywords
CVE-2004-0938 Code DoS FreeRADIUS Invalid Type bid:11222
Release Date
11/03/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Freeradius
CVSS Score
5.0