CVE-2015-8762

The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*

History

21 Nov 2024, 02:39

Type Values Removed Values Added
References () http://freeradius.org/security.html#eap-pwd-2015 - Not Applicable () http://freeradius.org/security.html#eap-pwd-2015 - Not Applicable
References () http://www.openwall.com/lists/oss-security/2016/01/08/7 - Mailing List, Patch, Third Party Advisory () http://www.openwall.com/lists/oss-security/2016/01/08/7 - Mailing List, Patch, Third Party Advisory

Information

Published : 2017-03-27 17:59

Updated : 2024-11-21 02:39


NVD link : CVE-2015-8762

Mitre link : CVE-2015-8762

CVE.ORG link : CVE-2015-8762


JSON object : View

Products Affected

freeradius

  • freeradius
CWE
CWE-476

NULL Pointer Dereference