FreeRADIUS is vulnerable to denial of service (DoS). A memory leak flaw was found in the way FreeRADIUS parses certain authentication requests. A remote attacker could send a specially crafted authentication request which could cause FreeRADIUS to leak a small amount of memory. If enough of these requests are sent, the FreeRADIUS daemon would consume a vast quantity of system memory leading to a possible denial of service.
rhn.redhat.com/errata/RHSA-2007-0338.html
secunia.com/advisories/24849
secunia.com/advisories/24907
secunia.com/advisories/24917
secunia.com/advisories/24996
secunia.com/advisories/25201
secunia.com/advisories/25220
security.gentoo.org/glsa/glsa-200704-14.xml
www.freeradius.org/security.html
www.mandriva.com/security/advisories?name=MDKSA-2007:085
www.novell.com/linux/security/advisories/2007_10_sr.html
www.redhat.com/security/updates/classification/#moderate
www.securityfocus.com/bid/23466
www.securitytracker.com/id?1018042
www.trustix.org/errata/2007/0013/
www.vupen.com/english/advisories/2007/1369
access.redhat.com/errata/RHSA-2007:0338
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11156