MidnightBSD

Advisories for radius_extension_project

CVE-2013-2220 HIGH

Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
radius_extension_project radius 1.2.4
radius_extension_project radius 1.2.2
radius_extension_project radius 1.1
radius_extension_project radius 1.2.1
radius_extension_project radius *
radius_extension_project radius 1.2.5
radius_extension_project radius 1.2.3