CVE-2017-10985 - log back

CVE-2017-10985 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A security issue has been found in freeradius <= 3.0.15, where the server could go into an infinite loop and exhaust memory when it receives zero-length attributes marked 'concat' in the dictionaries.
References
+ http://freeradius.org/security/fuzzer-2017.html#FR-GV-302
+ https://github.com/FreeRADIUS/freeradius-server/commit/6726c16549b131ed39f6f8886cdf5d9d922a9a97
Notes