CVE-2017-10984

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-10984
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-10984.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-10984
Related
Published
2017-07-17T17:29:00Z
Modified
2024-10-12T02:27:19.473675Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.

References

Affected packages

Debian:11 / freeradius

Package

Name
freeradius
Purl
pkg:deb/debian/freeradius?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.15+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / freeradius

Package

Name
freeradius
Purl
pkg:deb/debian/freeradius?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.15+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / freeradius

Package

Name
freeradius
Purl
pkg:deb/debian/freeradius?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.15+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/freeradius/freeradius-server

Affected versions

Other

branch_4_0_0
first-build
release_0_1_0
release_0_2_0
release_0_3_0
release_0_4_0
release_0_5_0
release_0_6_0
release_0_7_0
release_0_9_0
release_0_9_0_final
release_0_9_0_pre2
release_0_9_0_pre3
release_1_0_0
release_1_0_0_pre1
release_1_0_0_pre2
release_1_0_0_pre3
release_1_0_1
release_1_0_2
release_1_1_0
release_1_1_0_pre0
release_1_1_1
release_1_1_2
release_1_1_3
release_1_1_4
release_1_1_5
release_1_1_6
release_1_1_7
release_2_0_0
release_2_0_0_pre1
release_2_0_0_pre2
release_2_0_1
release_2_0_2
release_2_0_3
release_2_0_4
release_2_0_5
release_2_1_0
release_2_1_1
release_2_1_2
release_2_1_3
release_2_1_4
release_2_1_7
release_3_0_0
release_3_0_0_beta0
release_3_0_0_beta1
release_3_0_0_rc0
release_3_0_0_rc1
release_3_0_1
release_3_0_2
release_3_0_3
release_3_0_4_rc0
release_3_0_4_rc1
release_3_0_4_rc2
release_3_0_5
release_3_0_6
release_3_0_7
release_3_0_8

release_3.*

release_3.0.8