An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.
The product writes data past the end, or before the beginning, of the intended buffer.
Link | Tags |
---|---|
http://www.debian.org/security/2017/dsa-3930 | vendor advisory |
https://access.redhat.com/errata/RHSA-2017:2389 | vendor advisory |
http://freeradius.org/security/fuzzer-2017.html | patch vendor advisory |
http://www.securityfocus.com/bid/99876 | vdb entry |