CVE-2001-1377

Medium

5/10

Summary

Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: NONE
Availability Impact: PARTIAL

References

Advisory Timeline

Published Mar 04, 2002

CVE-2001-1377

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS