The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in certain non-default builds, does not properly handle the DHCP Relay Agent Information option, which allows remote attackers to cause a denial of service (infinite loop and daemon outage) via a packet that has more than one sub-option. NOTE: some of these details are obtained from third party information.
References
Configurations
History
07 Nov 2023, 02:05
Type | Values Removed | Values Added |
---|---|---|
Summary | The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in certain non-default builds, does not properly handle the DHCP Relay Agent Information option, which allows remote attackers to cause a denial of service (infinite loop and daemon outage) via a packet that has more than one sub-option. NOTE: some of these details are obtained from third party information. |
Information
Published : 2010-10-07 21:00
Updated : 2024-02-28 11:41
NVD link : CVE-2010-3696
Mitre link : CVE-2010-3696
CVE.ORG link : CVE-2010-3696
JSON object : View
Products Affected
freeradius
- freeradius
CWE
CWE-399
Resource Management Errors