CVE-2004-0960 - Stand up Visit

Description

FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.

Reference

http://www.securityfocus.com/bid/11222 http://www.kb.cert.org/vuls/id/541574 http://security.gentoo.org/glsa/glsa-200409-29.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/17440 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023