CVE-2004-0960

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2004-0960

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2004-0960.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2004-0960

Downstream

DEBIAN-CVE-2004-0960

RHSA-2004:609

Published

2005-02-09T05:00:00Z

Modified

2025-08-09T20:01:26Z

Summary

[none]

Details

FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.

References

http://security.gentoo.org/glsa/glsa-200409-29.xml
http://www.kb.cert.org/vuls/id/541574
http://www.securityfocus.com/bid/11222
https://exchange.xforce.ibmcloud.com/vulnerabilities/17440
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023

CVE-2004-0960

Affected packages