CVE-2001-1081

Description

Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages.

Affected products

• lucent / radius2.1.2 – 2.1.2
• simon_horms / radius2.1_2 – 2.1_2

References

• MISChttp://freshmeat.net/releases/52020/
• MISChttp://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html
• MISChttp://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0009.html
• MISChttp://www.securityfocus.com/bid/2994