GNU.SNMP.RADIUS.DoS
Description
Remote exploitation of a denial of service condition within GNU Radius
allows attackers to crash the service.
The problem specifically exists in the code for handling SNMP messages.
By supplying a malformed packet containing an invalid OID, such as -1,
it is possible to cause the server to shut down, preventing further
requests from being handled. The Radius server must have been compiled
with the '-enable-snmp' option in order to be vulnerable.
Affected Products
GNU Radius 1.1
Impact
Denial of Services
Recommended Actions
This issue has been fixed in GNU Radius version 1.2.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2018-09-26 | 13.458 |