Unrated severityNVD Advisory· Published Feb 9, 2005· Updated Apr 16, 2026
CVE-2004-0960
CVE-2004-0960
Description
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.
Affected products
14cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
- cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- www.securityfocus.com/bid/11222nvdPatchVendor Advisory
- www.kb.cert.org/vuls/id/541574nvdThird Party AdvisoryUS Government Resource
- security.gentoo.org/glsa/glsa-200409-29.xmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/17440nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023nvd
News mentions
0No linked articles in our index yet.