| Max CVSS | 7.8 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-2028 | 5.0 |
Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication reques
|
11-10-2017 - 01:32 | 13-04-2007 - 18:19 | |
| CVE-2005-1454 | 7.5 |
SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) group_membership_query, (2) simul_count_query, or (3) simul_verify_
|
11-10-2017 - 01:30 | 19-05-2005 - 04:00 | |
| CVE-2006-1354 | 7.5 |
Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module.
|
11-10-2017 - 01:30 | 22-03-2006 - 02:02 | |
| CVE-2005-1455 | 7.5 |
Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash).
|
11-10-2017 - 01:30 | 19-05-2005 - 04:00 | |
| CVE-2005-4745 | 7.5 |
SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. The vendor released version 1.1.1 to address this issue.
|
02-04-2010 - 06:30 | 31-12-2005 - 05:00 | |
| CVE-2005-4746 | 7.8 |
Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors "while expanding %t".
|
02-04-2010 - 06:30 | 31-12-2005 - 05:00 |