Lucene search
MitreCVELIST:CVE-2014-2015HistoryNov 02, 2014 - 12:00 a.m.
CVE-2014-2015
2014-11-0200:00:00
mitre
www.cve.org
5
Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password hash, as demonstrated by an SSHA hash.
References
lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html
lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000612.html
lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000616.html
rhn.redhat.com/errata/RHSA-2015-1287.html
ubuntu.com/usn/usn-2122-1
www.openwall.com/lists/oss-security/2014/02/18/3
www.securityfocus.com/bid/65581
bugzilla.redhat.com/show_bug.cgi?id=1066761
Related
amazon
amazon
Medium: freeradius
2015-08-17 12:30:00
openvas
openvas
RedHat Update for freeradius RHSA-2015:1287-01
2015-07-23 00:00:00
Fedora Update for freeradius FEDORA-2014-3184
2014-03-12 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-581)
2015-09-08 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : freeradius (MDVSA-2014:058)
2014-03-14 00:00:00
Amazon Linux AMI : freeradius (ALAS-2015-581)
2015-08-18 00:00:00
centos
centos
freeradius security update
2015-07-26 14:11:15
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:06:49
mageia
mageia
Updated freeradius package fixes security vulnerability
2014-02-21 22:13:26
ubuntucve
ubuntucve
CVE-2014-2015
2014-02-21 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: freeradius-2.2.3-7.fc19
2014-03-09 04:41:41
[SECURITY] Fedora 20 Update: freeradius-3.0.1-4.fc20
2014-03-09 04:37:28
gentoo
gentoo
FreeRADIUS: Arbitrary code execution
2014-06-15 00:00:00
redhat
redhat
oraclelinux
oraclelinux
freeradius security, bug fix, and enhancement update
2015-07-28 00:00:00
debiancve
debiancve
CVE-2014-2015
2014-11-02 00:55:03
nvd
nvd
CVE-2014-2015
2014-11-02 00:55:03
cve
cve
CVE-2014-2015
2014-11-02 00:55:03
prion
prion
Stack overflow
2014-11-02 00:55:00
ubuntu
ubuntu
FreeRADIUS vulnerabilities
2014-02-26 00:00:00
securityvulns
securityvulns
FreeRADIUS security vulnerabilities
2014-02-28 00:00:00
[USN-2122-1] FreeRADIUS vulnerabilities
2014-02-28 00:00:00
osv
osv
freeradius - security update
2017-06-05 00:00:00
debian
debian
[SECURITY] [DLA 977-1] freeradius security update
2017-06-05 16:33:07