Lucene search
RedhatCVE-2013-2220HistoryJul 31, 2013 - 1:20 p.m.
CVE-2013-2220
2013-07-3113:20:27
CWE-119
redhat
web.nvd.nist.gov
89
php
radius
buffer overflow
cve-2013-2220
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8
Confidence
Low
EPSS
0.05
Percentile
93.0%
Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
Affected configurations
Node
radius_extension_projectradiusRange≤1.2.6
ORradius_extension_projectradiusMatch1.1
ORradius_extension_projectradiusMatch1.2.1
ORradius_extension_projectradiusMatch1.2.2
ORradius_extension_projectradiusMatch1.2.3
ORradius_extension_projectradiusMatch1.2.4
ORradius_extension_projectradiusMatch1.2.5
phpphp
| Vendor | Product | Version | CPE |
|---|---|---|---|
| radius_extension_project | radius | * | cpe:2.3:a:radius_extension_project:radius:*:*:*:*:*:*:*:* |
| radius_extension_project | radius | 1.1 | cpe:2.3:a:radius_extension_project:radius:1.1:*:*:*:*:*:*:* |
| radius_extension_project | radius | 1.2.1 | cpe:2.3:a:radius_extension_project:radius:1.2.1:*:*:*:*:*:*:* |
| radius_extension_project | radius | 1.2.2 | cpe:2.3:a:radius_extension_project:radius:1.2.2:*:*:*:*:*:*:* |
| radius_extension_project | radius | 1.2.3 | cpe:2.3:a:radius_extension_project:radius:1.2.3:*:*:*:*:*:*:* |
| radius_extension_project | radius | 1.2.4 | cpe:2.3:a:radius_extension_project:radius:1.2.4:*:*:*:*:*:*:* |
| radius_extension_project | radius | 1.2.5 | cpe:2.3:a:radius_extension_project:radius:1.2.5:*:*:*:*:*:*:* |
| php | php | * | cpe:2.3:a:php:php:*:*:*:*:*:*:*:* |
Related
openvas
openvas
Debian Security Advisory DSA 2726-1 (php-radius - buffer overflow)
2013-07-25 00:00:00
Mageia: Security Advisory (MGASA-2013-0206)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-2726-1)
2013-07-24 00:00:00
debian
debian
[SECURITY] [DSA 2726-1] php-radius security update
2013-07-25 18:00:42
cvelist
cvelist
CVE-2013-2220
2013-07-31 10:00:00
securityvulns
securityvulns
php-radius buffer overflow
2013-07-08 00:00:00
[ MDVSA-2013:192 ] php-radius
2013-07-08 00:00:00
nessus
nessus
Debian DSA-2726-1 : php-radius - buffer overflow
2013-07-28 00:00:00
Mandriva Linux Security Advisory : php-radius (MDVSA-2013:192)
2013-07-03 00:00:00
nvd
nvd
CVE-2013-2220
2013-07-31 13:20:27
debiancve
debiancve
CVE-2013-2220
2013-07-31 13:20:27
ubuntucve
ubuntucve
CVE-2013-2220
2013-07-31 00:00:00
prion
prion
Buffer overflow
2013-07-31 13:20:00
osv
osv
php-radius - buffer overflow
2013-07-25 00:00:00
mageia
mageia
Updated php-radius packages fix CVE-2013-2220
2013-07-09 22:33:38
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8
Confidence
Low
EPSS
0.05
Percentile
93.0%
Related for CVE-2013-2220