Skip to main content

CVE-2004-0849

Severity Medium
Score 5/10

Summary

Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • NONE
  • PARTIAL

References

Advisory Timeline

  • Published