Unrated severityNVD Advisory· Published Mar 4, 2002· Updated Apr 16, 2026
CVE-2001-1377
CVE-2001-1377
Description
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.
Affected products
40cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*
cpe:2.3:a:icradius:icradius:0.14:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:icradius:icradius:0.14:*:*:*:*:*:*:*
- cpe:2.3:a:icradius:icradius:0.15:*:*:*:*:*:*:*
- cpe:2.3:a:icradius:icradius:0.16:*:*:*:*:*:*:*
- cpe:2.3:a:icradius:icradius:0.17:*:*:*:*:*:*:*
- cpe:2.3:a:icradius:icradius:0.17b:*:*:*:*:*:*:*
- cpe:2.3:a:icradius:icradius:0.18:*:*:*:*:*:*:*
- cpe:2.3:a:icradius:icradius:0.18.1:*:*:*:*:*:*:*
cpe:2.3:a:livingston:radius:2.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:livingston:radius:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:livingston:radius:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:livingston:radius:2.1:*:*:*:*:*:*:*
cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6_.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6_.0:*:*:*:*:*:*:*
- cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:miquel_van_smoorenburg_cistron:radius:1.6.5:*:*:*:*:*:*:*
cpe:2.3:a:openradius:openradius:0.8:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:openradius:openradius:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:openradius:openradius:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:openradius:openradius:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:openradius:openradius:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:openradius:openradius:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:radiusclient:radiusclient:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:yard_radius_project:yard_radius:1.0.16:*:*:*:*:*:*:*
cpe:2.3:a:yard_radius:yard_radius:1.0.17:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:yard_radius:yard_radius:1.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:yard_radius:yard_radius:1.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:yard_radius:yard_radius:1.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:yard_radius:yard_radius:1.0_pre13:*:*:*:*:*:*:*
- cpe:2.3:a:yard_radius:yard_radius:1.0_pre14:*:*:*:*:*:*:*
- cpe:2.3:a:yard_radius:yard_radius:1.0_pre15:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- www.cert.org/advisories/CA-2002-06.htmlnvdPatchThird Party AdvisoryUS Government Resource
- www.iss.net/security_center/static/8354.phpnvdPatchVendor Advisory
- www.kb.cert.org/vuls/id/936683nvdPatchThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/4230nvdPatchVendor Advisory
- ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.ascnvd
- archives.neohapsis.com/archives/linux/suse/2002-q2/0362.htmlnvd
- distro.conectiva.com.br/atualizacoes/nvd
- marc.infonvd
- www.redhat.com/support/errata/RHSA-2002-030.htmlnvd
News mentions
0No linked articles in our index yet.