FreeRADIUS is a RADIUS authentication server derived from the Cistron source base. Although it supports the RADIUS extensions defined in RFC 2865, it allocates a static amount of memory for each extension found in a RADIUS accounting packet. Because a packet may contain up to 2000 attributes while remaining under 4096 bytes in size, each packet may consume up to 512K of memory on the FreeRADIUS server. If the server is flooded with maliciously constructed packets, this excessive memory consumption could lead to a remote DoS attack.
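The mitigation this implies is to count attributes before allocating anything per attribute. The following is an added example, not FreeRADIUS code: the function names and the `MAX_ATTRS` cap are assumptions chosen for illustration, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RADIUS_HDR_LEN 20    /* code, id, length(2), authenticator(16) */
#define RADIUS_MAX_LEN 4096  /* maximum packet size per RFC 2865 */
#define MAX_ATTRS      200   /* assumed local policy cap, not a FreeRADIUS setting */

/* Walk the attribute list without allocating anything.
 * Returns the attribute count, -1 if malformed, -2 if over the cap. */
int radius_count_attrs(const uint8_t *pkt, size_t recv_len, int max_attrs)
{
    if (recv_len < RADIUS_HDR_LEN) return -1;
    size_t len = ((size_t)pkt[2] << 8) | pkt[3];   /* declared length, big-endian */
    if (len < RADIUS_HDR_LEN || len > RADIUS_MAX_LEN || len > recv_len) return -1;

    int count = 0;
    size_t off = RADIUS_HDR_LEN;
    while (off < len) {
        if (len - off < 2) return -1;          /* truncated type/length header */
        size_t alen = pkt[off + 1];            /* covers type + length + value */
        if (alen < 2 || alen > len - off) return -1;
        if (++count > max_attrs) return -2;    /* reject before per-attribute allocation */
        off += alen;
    }
    return count;
}

/* Constructed sample: Accounting-Request (code 4) with n minimal 2-byte attributes. */
size_t build_sample(uint8_t *buf, int n)
{
    size_t len = RADIUS_HDR_LEN + 2 * (size_t)n;
    memset(buf, 0, len);
    buf[0] = 4; buf[1] = 1;
    buf[2] = (uint8_t)(len >> 8); buf[3] = (uint8_t)(len & 0xff);
    for (int i = 0; i < n; i++) {
        buf[RADIUS_HDR_LEN + 2 * i] = 1;       /* arbitrary attribute type */
        buf[RADIUS_HDR_LEN + 2 * i + 1] = 2;   /* length 2: no value bytes */
    }
    return len;
}

int main(void)
{
    uint8_t buf[RADIUS_MAX_LEN];
    size_t len = build_sample(buf, 2000);      /* 4020 bytes, under the 4096 limit */
    printf("uncapped count: %d\n", radius_count_attrs(buf, len, RADIUS_MAX_LEN));
    printf("with cap %d: %d\n", MAX_ATTRS, radius_count_attrs(buf, len, MAX_ATTRS));
    return 0;
}
```

A cap like this bounds the memory a single packet can pin regardless of how small its attributes are; the right value depends on the largest legitimate accounting packet the deployment sees.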