Lucene search
Ubuntu.comUB:CVE-2014-2015HistoryFeb 21, 2014 - 12:00 a.m.
CVE-2014-2015
2014-02-2100:00:00
ubuntu.com
ubuntu.com
12
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.008
Percentile
81.7%
Stack-based buffer overflow in the normify function in the rlm_pap module
(modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier,
and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a
denial of service (crash) and possibly execute arbitrary code via a long
password hash, as demonstrated by an SSHA hash.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | freeradius | < 2.1.8+dfsg-1ubuntu1.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | freeradius | < 2.1.10+dfsg-3ubuntu0.12.04.2 | UNKNOWN |
| ubuntu | 12.10 | noarch | freeradius | < 2.1.12+dfsg-1.1ubuntu0.1 | UNKNOWN |
| ubuntu | 13.10 | noarch | freeradius | < 2.1.12+dfsg-1.2ubuntu5.1 | UNKNOWN |
Related
amazon
amazon
Medium: freeradius
2015-08-17 12:30:00
openvas
openvas
RedHat Update for freeradius RHSA-2015:1287-01
2015-07-23 00:00:00
Fedora Update for freeradius FEDORA-2014-3184
2014-03-12 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-581)
2015-09-08 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : freeradius (MDVSA-2014:058)
2014-03-14 00:00:00
Amazon Linux AMI : freeradius (ALAS-2015-581)
2015-08-18 00:00:00
centos
centos
freeradius security update
2015-07-26 14:11:15
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:06:49
mageia
mageia
Updated freeradius package fixes security vulnerability
2014-02-21 22:13:26
fedora
fedora
[SECURITY] Fedora 19 Update: freeradius-2.2.3-7.fc19
2014-03-09 04:41:41
[SECURITY] Fedora 20 Update: freeradius-3.0.1-4.fc20
2014-03-09 04:37:28
gentoo
gentoo
FreeRADIUS: Arbitrary code execution
2014-06-15 00:00:00
redhat
redhat
oraclelinux
oraclelinux
freeradius security, bug fix, and enhancement update
2015-07-28 00:00:00
debiancve
debiancve
CVE-2014-2015
2014-11-02 00:55:03
nvd
nvd
CVE-2014-2015
2014-11-02 00:55:03
cve
cve
CVE-2014-2015
2014-11-02 00:55:03
prion
prion
Stack overflow
2014-11-02 00:55:00
cvelist
cvelist
CVE-2014-2015
2014-11-02 00:00:00
ubuntu
ubuntu
FreeRADIUS vulnerabilities
2014-02-26 00:00:00
securityvulns
securityvulns
FreeRADIUS security vulnerabilities
2014-02-28 00:00:00
[USN-2122-1] FreeRADIUS vulnerabilities
2014-02-28 00:00:00
osv
osv
freeradius - security update
2017-06-05 00:00:00
debian
debian
[SECURITY] [DLA 977-1] freeradius security update
2017-06-05 16:33:07
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.008
Percentile
81.7%
Related for UB:CVE-2014-2015