CVE-2017-10987 |
Medium |
Yes |
Denial of service |
A security issue has been found in freeradius <= 3.0.15, where the fr_dhcp_decode_suboptions() function does not properly check if sub- options overflow the packet. |
CVE-2017-10986 |
Medium |
Yes |
Denial of service |
A security issue has been found in freeradius <= 3.0.15, where the dhcp_attr2vp() function, when decoding "string" options in an array, could be convinced... |
CVE-2017-10985 |
Medium |
Yes |
Denial of service |
A security issue has been found in freeradius <= 3.0.15, where the server could go into an infinite loop and exhaust memory when it receives zero-length... |
CVE-2017-10984 |
Critical |
Yes |
Arbitrary code execution |
A security issue has been found in freeradius <= 3.0.15, where the data2vp_wimax() function checks for WiMAX attributes which are too small, but it does not... |
CVE-2017-10983 |
Medium |
Yes |
Denial of service |
A security issue has been found in freeradius <= 3.0.15, where the fr_dhcp_decode() function performed a strcmp() on binary data in an internal data... |
CVE-2017-10978 |
Medium |
Yes |
Denial of service |
A security issue has been found in freeradius <= 3.0.15, where the make_secret() function does not properly check for output buffer size before writing... |