VULHUB ™

FreeRADIUS versions 0.9.2 and below have a tunnel-password attribute handling vulnerability. When a malformed attribute trigger gets passed, the server invokes memcpy() with a negative third argument, causing a crash.

FreeRADIUS versions 0.9.2 and below have a tunnel-password attribute handling vulnerability. When a malformed attribute trigger gets passed, the server invokes memcpy() with a negative third argument, causing a crash.